#

dfir-automation

Here are 19 public repositories matching this topic...

clong / DetectionLab

Sponsor Star

Automate the creation of a lab environment complete with security tooling and logging best practices

ansible vagrant packer powershell terraform detection dfir vagrantfile sysmon osquery information-security lab-environment detectionlab dfir-automation

Updated Jun 27, 2021
HTML

iknowjason / PurpleCloud

Star

Hybrid + Identity Cyber Range

azure dfir siem pentest purpleteam azure-lab dfir-automation

Updated May 27, 2021
HTML

iknowjason / BlueCloud

Star

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

dfir pentesting blue-team purpleteam cyber-range cyberrange dfir-automation edr-testing

Updated May 27, 2021
HTML

iknowjason / Velociraptor_Azure

Star

A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.

dfir purpleteam dfir-automation

Updated Apr 16, 2021
HCL

idiom / activemime-format

Star

ActiveMime File Format Documentation

dfir malware-analysis dfir-automation

Updated Jun 28, 2021
Python

ncsc-fi / minion-rules

Star

Minion rules for DFIR work.

open-source forensics dfir memory-forensics dfir-automation

Updated Jun 9, 2020

NextSecurity / Cortex-Analyzers-Modified

Star

Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids

ioc incident-response forensics dfir secops digital-forensics security-orchestration security-automation security-tools soar ioc-framework blue-team nextsecurity cyber-threat-intelligence forensics-investigations cybersecurity-incidents cyber-security-team incident-response-tooling dfir-automation

Updated May 3, 2020
Python

cyberpasta / loki-scan-manager

Star

Manage loki scans over a large network.

ioc automation incident-response dfir cybersecurity loki hunting powershell-script indicators-of-compromise dfir-automation

Updated Dec 9, 2020
PowerShell

paulverising / cbc-api

Star

This script is designed to pull data from the carbon black cloud. One disadvantage of the CBC GUI is the inability to see the command line for each process in bulk. Instead, you need to click on each process individually. This spits out the command line so you can quickly spot evil.

incident-response dfir dfir-automation carbon-black-cloud

Updated Jun 23, 2021
Python

wv8672 / AWS-Linux-Mem-Dump

Star

A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach from the selected instance and finally attach & mount to a Forensic Workstation

linux aws ebs-volumes memorydumping lime dfir-automation

Updated Jul 15, 2020
Python

bonifield / URLBreakdown

Star

splits a URL into individual components, unescapes arguments, and performs light calculations for manual or automated analysis

python analysis forensics dfir webapp pentesting blueteam pentest-tool dfir-automation

Updated Apr 28, 2021
Python

iknowjason / HELK_Azure

Star

A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK R&D lab in Azure.

azure threat-hunting purpleteam dfir-automation

Updated Apr 16, 2021
HCL

Critical-Start / GoFIR

Star

GoFIR is a DFIR tool written in Golang that can pull artifacts from remote hosts and store them in a S3 bucket of your choosing. It also has the ability to search for IOCs and return the results.

golang forensics dfir dfir-automation

Updated Apr 6, 2021

McL0vinn / Incident_Response_Script

Star

Small Incident Response Powershell script that collects various data from the system.Good alternative to run on a system while waiting for an approved AV scan( or instead of a scan)

dfir powershell-script dfir-automation ir-diag

Updated Aug 19, 2020
PowerShell

wv8672 / AWS-Linux-Vol-Mount

Star

A Python, Boto3 script that shuts down a selected instance, detaches the instance, generates a snapshot volume and then attaches and mounts both volumes to a workstation

linux aws ebs-volumes ebs-snapshots dfir-automation

Updated Jul 16, 2020
Python

dfirsec / hash_check

Star

Search for given file hash

hashing ioc hash filehash dfir-automation

Updated Jun 15, 2021
Python

dfirsec / magic_check

Star

Confirm file type by matching the magic signature ("number").

python dfir-automation filemagic

Updated Oct 5, 2020
Python

jipegit / awsdfirlab

Star

DFIR Lab in AWS

aws dfir cloudformation-template dfir-automation

Updated Jun 7, 2021

NextSecurity / nsrlsearch

Star

Ingest and query NIST NSRL Reference Data Sets in Elasticsearch with Python tools and libraries.

whitelist dfir digital-forensics nsrl dfir-automation file-reputation

Updated Jun 26, 2018
Python

Improve this page

Add a description, image, and links to the dfir-automation topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the dfir-automation topic, visit your repo's landing page and select "manage topics."