sysmon-modular
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
CIRTKit is a DFIR console built on top of the Viper Framework that aims to add integrations with tools such as Bit9, Palo Alto Networks, and EnCase/FTK, plus modules for packet analysis, JavaScript unpacking/deobfuscation, the Volatility memory analysis framework, a hex viewer/editor, and a scripting framework for automation.
Malware allows attackers to execute Windows commands from a remote environment
A DevSecOps command line asset inventory tool
A simple maturity model for enterprise detection and response
A module-based AWS response tool for incident response in AWS environments.
An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.