incident-response

Top 23 incident-response Open-Source Projects

  • awesome-sre

    A curated list of Site Reliability and Production Engineering resources.

    Project mention: 24 GitHub repos with 372M views that you can't miss out as a software engineer | dev.to | 2024-01-25

    A curated list of Site Reliability and Production Engineering resources: https://github.com/dastergon/awesome-sre

  • kubeshark

    The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

    Project mention: Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring | news.ycombinator.com | 2023-09-06

    The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.

    The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.

  • Wazuh

    Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

    Project mention: Exclude certain CIS (sca) rules from agents | /r/Wazuh | 2023-12-11

    There is currently no feature for excluding specific SCA rules; however, this feature has been requested here and would be added to the roadmap for future releases.

  • howtheysre

    A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

    Project mention: 5 GitHub Projects to Help You Become a Better DevOps Engineer ⚡ | dev.to | 2023-06-23

    1. How they SRE

  • my-arsenal-of-aws-security-tools

    List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  • awesome-incident-response

    A curated list of tools for incident response

  • oneuptime

    OneUptime is the complete open-source observability platform.

    Project mention: Show HN: OneUptime – open-source Datadog Alternative | news.ycombinator.com | 2024-04-02

  • awesome-threat-detection

    ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

  • TheHive

    TheHive: a Scalable, Open Source and Free Security Incident Response Platform

    Project mention: What are your go-to tools for task management and/or case work? | /r/cybersecurity | 2023-12-09

    I had a quick test with TheHive; it looks pretty nice. https://thehive-project.org/

  • IntelOwl

    IntelOwl: manage your Threat Intelligence at scale

    Project mention: Monthly Security Checklist | /r/msp | 2023-06-25

  • velociraptor

    Digging Deeper....

    Project mention: How to carry out mass Digital Forensic Collections using open source tools? | /r/computerforensics | 2023-12-06

  • sleuthkit

    The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

    Project mention: Are there any GPU-powered disk forensics libraries/frameworks or programs? | /r/CUDA | 2023-09-28

  • volatility3

    Volatility 3.0 development

    Project mention: Volatility 3 2.4.1 - New Linux and Windows plugins | /r/blueteamsec | 2023-04-22

  • hayabusa

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Project mention: Release v2.5.0 🦅 of Hayabusa - Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool | /r/blueteamsec | 2023-05-07

  • cyberchef-recipes

    A list of cyber-chef recipes and curated links

  • PersistenceSniper

    PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistence mechanisms implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

    Project mention: PersistenceSniper v1.13.0 and in-depth Wiki by @last0x00 | /r/netsec | 2023-10-10

  • Bashfuscator

    A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  • response

    Monzo's real-time incident response and reporting tool ⚡️

  • Incident-Playbook

    GOAL: Incident Response Playbooks mapped to MITRE ATT&CK Tactics and Techniques. [Contributors Friendly]

  • beagle

    Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (by yampelo)

  • Cortex

    Cortex: a Powerful Observable Analysis and Active Response Engine (by TheHive-Project)

  • postmortem-templates

    A collection of postmortem templates

    Project mention: How to rebound from a really bad deployment? | /r/softwaretesting | 2023-05-17

    Here are lots of templates from GitHub to use for your post-mortem meeting.

  • asn

    ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

    Project mention: CLI tool and library that checks an IP address | /r/commandline | 2023-05-30

    Alternative: asn

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2024-04-02.

Index

What are some of the best open-source incident-response projects? This list will help you:

Rank  Project                            Stars
1     awesome-sre                        11,454
2     kubeshark                          10,525
3     Wazuh                               9,018
4     howtheysre                          8,888
5     my-arsenal-of-aws-security-tools    8,680
6     awesome-incident-response           7,098
7     oneuptime                           3,926
8     awesome-threat-detection            3,308
9     TheHive                             3,166
10    IntelOwl                            3,096
11    velociraptor                        2,628
12    sleuthkit                           2,465
13    volatility3                         2,184
14    hayabusa                            1,912
15    cyberchef-recipes                   1,881
16    PersistenceSniper                   1,791
17    Bashfuscator                        1,497
18    response                            1,494
19    Incident-Playbook                   1,329
20    beagle                              1,250
21    Cortex                              1,237
22    postmortem-templates                1,217
23    asn                                 1,162