Top 10 incident-response-tooling Open-Source Projects

• awesome-incident-response

  4 7,098 5.6

  A curated list of tools for incident response

• TheHive

  24 3,166 0.0 Scala

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  

Project mention: What are your go-to tools for task management and/or case work? | /r/cybersecurity | 2023-12-09

I had a quick test with the hive looks pretty nice. https://thehive-project.org/

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• Aurora-Incident-Response

  6 727 0.0 JavaScript

  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

• dfirtrack

  2 466 7.8 Python

  DFIRTrack - The Incident Response Tracking Application

  

• aws-cloudsaga

  2 421 0.0 Python

  AWS CloudSaga - Simulate security events in AWS

  

• aws-health-aware

  1 316 4.8 Python

  AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.

  

• shomon

  12 128 0.0 Go

  Shodan Monitoring integration for TheHive.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• mediator

  5 97 7.3 Python

  An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding. (by lawndoc)

• VelociDeploy-o-Matic

  1 11 2.6 HCL

  Scripts to for ready-to-use Velociraptor instance deployment in Azure

Project mention: VelociDeploy-o-Matic: Scripts to for ready-to-use Velociraptor instance deployment in Azure | /r/blueteamsec | 2023-06-12

• cwtune

  1 10 6.4 Python

  CLI for selecting and back-testing CloudWatch alarm configuration

  

Project mention: Cwtune – CLI for selecting and back-testing Cloudwatch alarm config | news.ycombinator.com | 2023-08-03

incident-response-tooling related posts

• Report tips and note taking tips
  4 projects | /r/computerforensics | 21 Mar 2023
• cyb3rfox / Aurora-Incident-Response - Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  1 project | /r/bag_o_news | 3 Mar 2022
• Help! TheHive out, which SIRP shall we choose?
  7 projects | /r/blueteamsec | 24 Feb 2022
• Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  1 project | /r/blueteamsec | 22 Feb 2022
• Are there any free / open source Evidence Management Systems?
  4 projects | /r/computerforensics | 18 Aug 2021
• A note from our sponsor - InfluxDB
  www.influxdata.com | 20 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com