CIRTKit | CyberSecTools

CIRTKit

0 (0)

CIRTKit is a DFIR console built on top of the Viper Framework, aiming to integrate future integrations with tools like Bit9, Palo Alto Networks, EnCase/FTK, and modules for Packet Analysis, Javascript Unpacking/Deobfuscation, Volatility Memory Analysis Framework, Hex Viewer/Editor, Scripting Framework for automation.

Security Operations

Free

dfir digital-forensics incident-response packet-analysis javascript deobfuscation volatility memory-analysis scripting automation

ALTERNATIVES

sysmon-modular

0 (0)

A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.

Security Operations

Free

repository sysmon sysinternals configuration

Windows Commands Abused by Attackers

0 (0)

Malware allows attackers to execute Windows commands from a remote environment

Security Operations

Free

appsec malware security-tool remote-access windows-security appsec-tool

Clinv

0 (0)

A DevSecOps command line asset inventory tool

Security Operations

Free

asset-inventory command-line-tool devops devsecops inventory pip

Enterprise Detection & Response: A Simple Hunting Maturity Model

0 (0)

A simple maturity model for enterprise detection and response

Security Operations

Free

cybersecurity hunting incident-response security-operations

AWS Incident Response Kit (AIRK)

0 (0)

A module-based AWS response tool for incident response in AWS environments.

Security Operations

Free

aws python incident-response vpc security-group

SOARCA

0 (0)

An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.

Security Operations

Free

automation soar incident-response security-orchestration