Top 22 Python incident-response Projects
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale. Project mention: To GSoC and beyond... | dev.to | 2022-09-26
Allowed bulk analysis of files as well as observables, leading to a more efficient workflow for IntelOwl users. #1032
Volatility 3.0 development. Project mention: Volatility 3 2.4.1 - New Linux and Windows plugins | reddit.com/r/blueteamsec | 2023-04-22
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (by yampelo)
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team. Project mention: Please be gentle | reddit.com/r/ProgrammerHumor | 2022-09-15
Try and figure out what this does... I used a tool I wrote years ago called Bashfuscator to create it: https://github.com/Bashfuscator/Bashfuscator
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] Project mention: Cyber Playbooks | reddit.com/r/cybersecurity | 2022-06-29
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and decrease the time needed to uncover suspicious activity. Project mention: APT-Hunter: APT-Hunter is Threat Hunting tool for Windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity | reddit.com/r/blueteamsec | 2023-05-07
ThePhish: an automated phishing email analysis tool. Project mention: How do you deal with phising emails at your company? | reddit.com/r/cybersecurity | 2023-05-14
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
A knowledge base of actionable Incident Response techniques. Project mention: Mitre deTTECT | reddit.com/r/blueteamsec | 2023-03-31
Does someone know something similar to M.Att&ck for incident response? I found this: https://github.com/atc-project/atc-react looks good but seems pretty dead :?
DFIRTrack - The Incident Response Tracking Application. Project mention: Report tips and note taking tips | reddit.com/r/computerforensics | 2023-03-21
DFIRTrack - https://github.com/dfirtrack/dfirtrack IR tracking application
Documentation of TheHive
Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools. Project mention: Licensing API response data | reddit.com/r/opensource | 2022-06-20
Some repositories are licensed without having any code: Example with datasets: https://github.com/MISP/misp-taxonomies Example with md documentation: https://github.com/tldr-pages/tldr/blob/main/LICENSE.md
Python API Client for TheHive. Project mention: ThePhish: an automated phishing email analysis tool - A new version will come when the Python API for TheHive 5 becomes stable, so stay tuned! | reddit.com/r/netsec | 2023-04-22
Waiting for these guys to complete the API and related documentation: https://github.com/TheHive-Project/TheHive4py
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
A cybersecurity game in Azure Data Explorer. Project mention: Kc7 – A cybersecurity game in Azure Data Explorer | news.ycombinator.com | 2022-09-26
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding. (by lawndoc)
Project mention: Playbook/Guide for responding to specific incident | reddit.com/r/cybersecurity | 2023-05-02
Carve file metadata from NTFS index ($I30) attributes
Simple Live Data Collection Tool
Python incident-response related posts
Volatility 3 2.4.1 - New Linux and Windows plugins
1 project | reddit.com/r/blueteamsec | 22 Apr 2023
Using volatility 3 to retrieve clipboard contents
1 project | reddit.com/r/computerforensics | 27 Mar 2023
Report tips and note taking tips
4 projects | reddit.com/r/computerforensics | 21 Mar 2023
DataSurgeon: Quickly Extracts IP's, Email Addresses, Hashes, Files, URLs, Phone numbers and more from text
4 projects | reddit.com/r/programming | 3 Mar 2023
5 projects | reddit.com/r/computerforensics | 9 Feb 2023
How to conduct security assessment of AWS?
3 projects | reddit.com/r/AskNetsec | 8 Dec 2022
7 projects | reddit.com/r/cybersecurity | 29 Jun 2022
What are some of the best open-source incident-response projects in Python? This list will help you: