DFIRTrack - The Incident Response Tracking Application
-
Updated
Sep 4, 2024 - Python
#
incident-response-tooling
Here are 21 public repositories matching this topic...
AWS CloudSaga - Simulate security events in AWS
-
Updated
Apr 16, 2025 - Python
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
-
Updated
Dec 16, 2024 - Python
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
python osint portable incident-response python3 dfir infosec tkinter-gui tkinter-python osinttool incident-response-tooling osint-python infosec-19 osint-professionals
-
Updated
Oct 18, 2023 - Python
Forensic toolkit for iOS sysdiagnose feature
-
Updated
Apr 16, 2025 - Python
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
python reverse-shell incident-response python-script plugins python3 handlers pentesting python-3 plugin-system red-team socket-programming security-tools end-to-end-encryption red-teaming reverse-shells pentesting-tools incident-response-tooling live-response
-
Updated
Nov 17, 2023 - Python
The DNA test for websites
api cybersecurity cyber-threat-intelligence incident-response-tooling osint-python url-analysis cybersecurity-tool
-
Updated
Feb 26, 2025 - Python
CLI program for automating the setup, configuration, and use of cybersecurity solutions
-
Updated
Feb 12, 2023 - Python
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
linux rootkit incident-response malware intrusion-detection blueteam malware-detection rootkit-hunter incident-response-tooling rootkit-kernel
-
Updated
Nov 15, 2022 - Python
CLI for selecting and back-testing CloudWatch alarm configuration
python windows macos linux shell cli aws terminal cloudwatch cloud-management developer-tools observability incident-response-tooling
-
Updated
Aug 8, 2023 - Python
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
ioc incident-response forensics dfir secops digital-forensics security-orchestration security-automation security-tools soar ioc-framework blue-team nextsecurity cyber-threat-intelligence forensics-investigations cybersecurity-incidents cyber-security-team incident-response-tooling dfir-automation
-
Updated
May 3, 2020 - Python
systeminfo command for offline system images
-
Updated
Feb 10, 2023 - Python
Incident Response in AWS with Alexa
python aws automation incident-response lambda-functions linux-kernel alexa-skill incident-response-tooling
-
Updated
Aug 12, 2022 - Python
Highly useful Volatility-Malfind output parser for detecting Code/Process Injection patterns
incident-response forensics cybersecurity digital-forensics code-injection volatility volatility-plugins incident-response-tooling malfind
-
Updated
May 14, 2024 - Python
QRadar to Redmine(as Ticketing System) Integration with API CALLS written in Python
python api security redmine incident-response python3 redmine-issues siem incident-management ticketing-system qradar incident-response-tooling qradar-offense
-
Updated
Jul 8, 2021 - Python
Check domain in question to VT
python incident-response python3 python-3 virustotal incident-response-tooling incident-handling incidentresponse virustotal-python
-
Updated
Nov 18, 2023 - Python
Scope is an open source cloud forensic tool to rapidly analyse logs, detect suspicious activity and identify malicious resources. Scope supports Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure.
-
Updated
Mar 26, 2025 - Python
FIRST.org Incident Response teams' contact information scraper
scraper contacts incident-response web-scraping csirt incident-response-tooling contact-sharing first-org cert-team
-
Updated
Mar 14, 2022 - Python
A CLI tool for generating observability queries to assist incident responders during incident investigation.
-
Updated
Mar 9, 2025 - Python
Uses the Damerau-Levenshtein distance to find suspicious tasks running on endpoints in Windows.
incident-response threat-hunting edr incident-response-tooling threathunting endpoint-detection-response
-
Updated
Feb 7, 2024 - Python
Improve this page
Add a description, image, and links to the incident-response-tooling topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the incident-response-tooling topic, visit your repo's landing page and select "manage topics."