dfir

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

#Awesome#A curated list of tools for incident response

#夺旗赛 (CTF) 和网络安全资源#Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Automate the creation of a lab environment complete with security tooling and logging best practices

⭐️ A curated list of awesome forensic analysis tools and resources

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

IntelOwl: manage your Threat Intelligence at scale

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Loki - Simple IOC and YARA Scanner

Rapidly Search and Hunt through Windows Forensic Artefacts

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Collaborative forensic timeline analysis

A repository of sysmon configuration modules

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

YARA signature and IOC database for my scanners and tools

Windows Events Attack Samples

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

A list of cyber-chef recipes and curated links