Kansa Logo

Kansa

0
Free
Visit Website

A modular incident response framework in Powershell that uses Powershell Remoting to run user-contributed modules across hosts in an enterprise to collect data for incident response, breach hunts, or building an environmental baseline. It's recommended to upgrade to Powershell v3 or later for optimal performance. For more information, visit: - http://trustedsignal.blogspot.com/search/label/Kansa - http://www.powershellmagazine.com/2014/07/18/kansa-a-powershell-based-incident-response-framework/ To use it, after downloading and unzipping the project, unblock the ps1 files by running: ls -r *.ps1 | Unblock-File. Ensure to check and set your execution policies accordingly.

FEATURES

ALTERNATIVES

A DevSecOps command line asset inventory tool

An automation platform with community support and documentation for easy development.

A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.

A pentest management platform that automates reporting workflows, provides client collaboration tools, and streamlines the entire penetration testing lifecycle from scoping to remediation.

Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.

WALKOFF is an automation framework for integrating capabilities and devices to streamline tasks.

Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.

A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.