Stars
A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.
Comprehensive DFIR platform that combines remote acquisition, automated analysis, AI-powered investigation, and cloud forensics capabilities.
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…
Share, discover, and collect prompts from the community. Free and open source - self-host for your organization with complete privacy.
Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes
A PowerShell module for hiding payloads in the pixels of images
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
Windows11 Penetration Suite Toolkit. The First Windows Penetration Testing Environment on Mac M Chips
Gorecon is an all-in-one reconnaissance tool, a.k.a. Swiss knife for reconnaissance, a tool that every pentester/bughunter might wanna consider into their arsenal
A passive subdomain discovery tool with live status scanning - no API keys, no wordlists needed
All-in-one AI automation platform (workflows, agents, cases, tables) for security, IT, and infra teams.
Search anyone's digital footprint across 300+ websites
PowerShell tools to help defenders hunt smarter, hunt harder.
Mapping of open-source detection rules and atomic tests.
Open Adversarial Exposure Validation Platform
Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), generates timelines, and detects suspicious activities.
PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules and undertake various security tasks, all accessible …
A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate suspicious activities.
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders