Open source security data pipelines.
Updated Jun 12, 2024 - C++
Explore the world of Security Operations Centers (SOC) with detailed notes covering SOC workflows, threat detection, incident response, and cybersecurity best practices. Ideal for cybersecurity enthusiasts and professionals preparing for SOC roles.
An open source platform to support analysts to organise their case and tasks
Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows
Wazuh - Docker containers
Forensics artefact collection tool for systems running Microsoft Windows
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
On-Call/DevOps Assistant - Get a head start on fixing alerts with AI investigation
Digging Deeper....
A curated list of tools for incident response. With repository stars⭐ and forks🍴
Plugins for Wazuh Dashboard
OneUptime is the complete open-source observability platform.
A PowerShell script for rapid initial incident response data collection on a potentially breached Windows system.
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
Volatility 3.0 development
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
Wazuh - Project documentation
AssemblyLine 4: File triage and malware analysis
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
This tool is designed to support the investigation of Unified Audit Logs. The tool processes the logs, enriches IP addresses, offers filtering and provides visualizations.