Python incident-response

Open-source Python projects categorized as incident-response

Top 15 Python incident-response Projects

  • IntelOwl

    Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

    Project mention: Threat detection | reddit.com/r/selfhosted | 2022-03-01

    One thing I ran for a while was Security Onion, and I utilized port mirroring to mirror the uplink port from my primary switch to my LAN on my router, so I was catching anything coming into/out of my network destined for the internet. I've also used ElastiFlow ( https://github.com/robcowart/elastiflow ), which is absolutely phenomenal and awesome; I did the same and it provides some great data. You could also leverage IntelOwl ( https://github.com/intelowlproject/IntelOwl ). One thing I have added to all my VMs is an OSSEC agent, Wazuh to be specific, which is free ( https://github.com/wazuh/wazuh ), and while I am not using it to its full potential, such as monitoring file deletions/modifications etc., it is a powerful tool.

  • beagle

    Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (by yampelo)

    Project mention: yampelo/beagle - Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. | reddit.com/r/GithubSecurityTools | 2021-06-30
  • Incident-Playbook

    GOAL: Incident Response Playbooks mapped to MITRE ATT&CK tactics and techniques. [Contributors Friendly]

    Project mention: Goal: Incident Response Playbooks Mapped to Mitre Attack Tactics and Techniques | news.ycombinator.com | 2022-03-06
  • intelmq

    IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

    Project mention: What are your favorite open-sources tools? | reddit.com/r/blueteamsec | 2021-10-15

    IntelMQ

  • APT-Hunter

    APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that surfaces APT movements hidden in the sea of Windows event logs and reduces the time needed to uncover suspicious activity.

    Project mention: ahmedkhlief/APT-Hunter - APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity | reddit.com/r/GithubSecurityTools | 2021-09-28
  • CyberThreatHunting

    A collection of resources for Threat Hunters - Sponsored by Falcon Guard

    Project mention: Any good threat hunting resources? Looking for query libraries. | reddit.com/r/computerforensics | 2022-04-08
  • Watcher

    Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)

  • ThePhish

    ThePhish: an automated phishing email analysis tool

    Project mention: GitHub - emalderson/ThePhish: ThePhish: an automated phishing email analysis tool | reddit.com/r/bag_o_news | 2022-01-24
  • dfirtrack

    DFIRTrack - The Incident Response Tracking Application

    Project mention: We are a security team with 20+ years of ethical hacking, and we've defended over 2 million attacks with Blumira. Ask Us Anything. | reddit.com/r/cybersecurity | 2021-10-18
  • TheHiveDocs

    Documentation of TheHive

  • evtx-hunter

    evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

    Project mention: GitHub - NVISOsecurity/evtx-hunter: evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. | reddit.com/r/bag_o_news | 2021-07-29
  • assisted-log-enabler-for-aws

    Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

    Project mention: Assisted Log Enabler for AWS - Find resources that are not logging, and turn them on. | reddit.com/r/aws | 2021-06-16
  • mediator

    An extensible, end-to-end encrypted reverse shell with a novel approach to its architecture. No need to set up port forwarding for the shell to connect. (by lawndoc)

    Project mention: What is the most cursed code you have ever written yourself? | reddit.com/r/programminghorror | 2021-11-09

    Mine would be part of https://github.com/lawndoc/mediator

  • INDXRipper

    Carve file metadata from NTFS index ($I30) attributes

    Project mention: INDXRipper: Carve index entries from NTFS index ($I30) attributes | reddit.com/r/blueteamsec | 2021-09-28
  • Simple-Live-Data-Collection

    Simple Live Data Collection Tool

    Project mention: LetsDefend/Simple-Live-Data-Collection - Simple Live Data Collection Tool | reddit.com/r/GithubSecurityTools | 2021-06-01
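
The INDXRipper entry above names the technique (carving file metadata from NTFS $I30 index attributes) without showing what an index entry looks like or why slack space matters. The following is an added example written for this page; it is not INDXRipper's own code and makes no claim about how that project is implemented. It follows the on-disk INDEX_ENTRY and $FILE_NAME layouts, walks the entries the file system still considers live, then scans the unused tail of the node for stale entries of deleted or renamed files. The sample node, the file names in it, and the helper functions `build_entry`, `build_sample_node` and `triage` are all constructed here for illustration; the node is given as it looks after the 0x18-byte INDX record header has been stripped and the update-sequence fixups applied, two steps a real carver must perform first.

```python
"""Walk and carve NTFS $I30 (directory index) entries from one index node.

Added example for the INDXRipper entry; not the project's code. The sample
node is constructed below, not taken from a disk image, and assumes the INDX
record header is already stripped and update-sequence fixups already applied.
"""
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
IE_HDR = struct.Struct("<QHHI")         # MFT ref, entry length, $FILE_NAME length, flags
FN_HDR = struct.Struct("<QQQQQQQIIBB")  # parent ref, 4 FILETIMEs, alloc size, real size,
                                        # file flags, reparse tag, name length, namespace
NODE_HDR = struct.Struct("<IIII")       # entries offset, used size, allocated size, flags
LAST_ENTRY = 0x02


def dt_to_ft(dt):
    """datetime -> FILETIME (100-ns ticks since 1601), computed in integers."""
    return ((dt - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10


def ft_to_dt(ft):
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


# Timestamps outside this window mark a false positive while scanning slack.
FT_MIN = dt_to_ft(datetime(1990, 1, 1, tzinfo=timezone.utc))
FT_MAX = dt_to_ft(datetime(2100, 1, 1, tzinfo=timezone.utc))


def parse_entry(buf, off, strict=True):
    """Decode the INDEX_ENTRY at `off`; None if it is not a plausible entry.

    strict=True also requires the entry header to agree with the $FILE_NAME
    length. Live entries satisfy that; half-overwritten slack often does not,
    in which case the MFT reference in the header is no longer trustworthy.
    """
    if off + IE_HDR.size + FN_HDR.size > len(buf):
        return None
    mft_ref, entry_len, fn_len, _flags = IE_HDR.unpack_from(buf, off)
    (parent_ref, ctime, mtime, mft_mtime, atime, _alloc, real_size, _fflags,
     _reparse, name_len, namespace) = FN_HDR.unpack_from(buf, off + IE_HDR.size)
    name_off = off + IE_HDR.size + FN_HDR.size
    if name_len == 0 or namespace > 3 or name_off + 2 * name_len > len(buf):
        return None
    if not all(FT_MIN <= t <= FT_MAX for t in (ctime, mtime, mft_mtime, atime)):
        return None
    name = buf[name_off:name_off + 2 * name_len].decode("utf-16-le", errors="replace")
    if any(ord(c) < 0x20 or c == "\ufffd" for c in name):
        return None
    header_ok = fn_len == FN_HDR.size + 2 * name_len and entry_len >= IE_HDR.size + fn_len
    if strict and not header_ok:
        return None
    return {
        "name": name,
        "mft_record": (mft_ref & 0xFFFFFFFFFFFF) if header_ok else None,
        "parent_record": parent_ref & 0xFFFFFFFFFFFF,
        "size": real_size,
        "created": ft_to_dt(ctime),
        "modified": ft_to_dt(mtime),
        "offset": off,
    }


def walk_live(node):
    """Follow the entry chain the file system still considers valid."""
    entries_off, used, _alloc, _flags = NODE_HDR.unpack_from(node, 0)
    out, off = [], entries_off
    while off + IE_HDR.size <= used:
        _, entry_len, _, flags = IE_HDR.unpack_from(node, off)
        if flags & LAST_ENTRY or entry_len < IE_HDR.size:
            break
        entry = parse_entry(node, off)
        if entry:
            out.append(entry)
        off += entry_len
    return out


def carve_slack(node):
    """Scan the unused tail of the node at 8-byte alignment for stale entries."""
    _, used, alloc, _ = NODE_HDR.unpack_from(node, 0)
    found = []
    for off in range(used, min(alloc, len(node)), 8):
        entry = parse_entry(node, off, strict=False)
        if entry:
            found.append(entry)
    return found


def triage(node):
    """Return (live entries, carved entries whose name/parent is not live)."""
    live = walk_live(node)
    live_keys = {(e["name"], e["parent_record"]) for e in live}
    deleted = [e for e in carve_slack(node) if (e["name"], e["parent_record"]) not in live_keys]
    return live, deleted


def build_entry(name, mft_record, seq, parent_ref, size, when):
    """Pack one INDEX_ENTRY plus $FILE_NAME (helper for the constructed sample)."""
    ft = dt_to_ft(when)
    fn = FN_HDR.pack(parent_ref, ft, ft, ft, ft, (size + 4095) // 4096 * 4096, size,
                     0x20, 0, len(name), 1) + name.encode("utf-16-le")
    entry_len = (IE_HDR.size + len(fn) + 7) // 8 * 8
    return (IE_HDR.pack((seq << 48) | mft_record, entry_len, len(fn), 0) + fn).ljust(entry_len, b"\0")


def build_sample_node():
    """Constructed sample: two live files, the end marker, then slack holding the
    entry of a since-deleted file whose entry header was partly overwritten."""
    root = (5 << 48) | 5  # NTFS root directory is MFT record 5, sequence 5
    t = datetime(2022, 3, 1, 9, 30, tzinfo=timezone.utc)
    live = build_entry("notes.txt", 40, 1, root, 1200, t) + build_entry("report.docx", 41, 3, root, 52000, t)
    end_marker = IE_HDR.pack(0, IE_HDR.size, 0, LAST_ENTRY)
    used = NODE_HDR.size + len(live) + len(end_marker)
    alloc = 4096 - 0x18  # node area of a 4 KiB INDX record
    stale = build_entry("tool.exe", 42, 2, root, 77824, t - timedelta(days=2))
    stale = b"\0" * 12 + stale[12:]  # MFT ref and lengths of the dead entry got clobbered
    node = NODE_HDR.pack(NODE_HDR.size, used, alloc, 0) + live + end_marker + stale
    return node.ljust(alloc, b"\0")


if __name__ == "__main__":
    live, deleted = triage(build_sample_node())
    for e in live:
        print(f"live      {e['name']:<12} mft={e['mft_record']} size={e['size']} modified={e['modified']:%Y-%m-%d %H:%M}")
    for e in deleted:
        print(f"deleted?  {e['name']:<12} mft={e['mft_record']} size={e['size']} modified={e['modified']:%Y-%m-%d %H:%M} (slack @0x{e['offset']:x})")
```

The live walk stops at the entry flagged LAST_ENTRY, so anything the scan finds past the node's used size is metadata the directory no longer references: name, parent, size and all four timestamps of a file that was deleted or renamed. The timestamp window and the namespace check are what keep the scan from reporting every 8-byte run of bytes; a production carver such as INDXRipper must additionally handle the INDX record header, the update sequence array, multi-record $INDEX_ALLOCATION attributes and resident $INDEX_ROOT entries, none of which this example does.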
NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2022-04-08.

Python incident-response related posts

Index

What are some of the best open-source incident-response projects in Python? This list will help you:

Rank  Project                        Stars
   1  IntelOwl                       2,294
   2  beagle                         1,113
   3  Incident-Playbook                869
   4  intelmq                          734
   5  APT-Hunter                       700
   6  CyberThreatHunting               617
   7  Watcher                          585
   8  ThePhish                         563
   9  dfirtrack                        392
  10  TheHiveDocs                      377
  11  evtx-hunter                      101
  12  assisted-log-enabler-for-aws      92
  13  mediator                          86
  14  INDXRipper                        26
  15  Simple-Live-Data-Collection       22