Incident Response

Akamai Hunt

Managed threat hunting service detecting evasive threats in network environments

Exabeam New-Scale Fusion

Security operations platform combining SIEM, UEBA, and SOAR capabilities

CrowdStrike Charlotte AI

AI-powered security assistant for autonomous threat detection and response

SentinelOne Purple AI

AI-powered security operations platform for automated threat analysis and response

Metasploit

A penetration testing framework for identifying and exploiting vulnerabilities.

Team Cymru Pure Signal Recon

Threat intelligence platform providing real-time data from 300bn+ daily IPs

MasterParser

A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.

ANY.RUN

Interactive malware hunting service with live access to the heart of an incident.

Microsoft Security Blog

A cybersecurity blog from Microsoft, featuring articles and guides on various security topics, including AI, threat intelligence, cloud security, and incident response.

AWS Incident Response Investigation of API activity using Athena and notification of actions using EventBridge

An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.

ALEAPP Android Logs Events And Protobuf Parser

ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.

Bait and Switch Honeypot

An active and aggressive honeypot tool for network security.

Admyral

An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.

RegRippy

RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.

mac_apt

mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.

Belkasoft

Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.

Security Response Automation

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

plast

Modular Threat Hunting Tool & Framework

HoneySMB

A high-interaction honeypot solution for detecting and analyzing SMB-based attacks

Honeytrap by Honeytrap

An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.

WindowsSCOPE

A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

Golismero

A free and open-source OSINT framework for gathering and analyzing data from various sources

GRR Rapid Response

Incident response framework focused on remote live forensics

HIHAT - High Interaction Honeypot Analysis Toolkit

A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.