CIRTKit is a DFIR console built on top of the Viper Framework. It aims to add integrations with tools like Bit9, Palo Alto Networks, and EnCase/FTK, as well as modules for packet analysis, JavaScript unpacking/deobfuscation, the Volatility memory analysis framework, a hex viewer/editor, and a scripting framework for automation.
ALTERNATIVES
A DFIR Playbook Spec based on YAML for collaborative incident response processes.
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
Malware allows attackers to execute Windows commands from a remote environment.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.