List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Updated Jan 19, 2024 - Shell
Educational, CTF-styled labs for individuals interested in Memory Forensics
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Everything related to Linux Forensics
swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Docker configurations for TheHive, Cortex and 3rd party tools
Harness the power of Splunk for your investigations
Blazescan is a Linux webserver malware scanning and incident response tool with built-in support for cPanel servers, but it will run on any Linux-based server.
Bash script to check for malicious cryptomining
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
A script to assist in processing forensic RAM captures for malware triage
The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
The script will help you to find some values info for the user that you need as DFIR
MISP decaying models
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
Resources for DFIR. And more.
Elastic cluster for DFIR
Break-In Analyzer - A script that analyzes auth.log, secure, utmp/wtmp for possible SSH break-in attempts
Incident Forensic Response In Terminal script for Linux