Kansa

Free

A modular incident response framework in PowerShell that uses PowerShell Remoting to run user-contributed modules across hosts in an enterprise to collect data for incident response, breach hunts, or building an environmental baseline. Upgrading to PowerShell v3 or later is recommended for optimal performance.

For more information, visit:
- http://trustedsignal.blogspot.com/search/label/Kansa
- http://www.powershellmagazine.com/2014/07/18/kansa-a-powershell-based-incident-response-framework/

To use it, after downloading and unzipping the project, unblock the ps1 files by running:

    ls -r *.ps1 | Unblock-File

Be sure to check and set your execution policies accordingly.

ALTERNATIVES

A GraphQL security testing tool

A framework for improving detection strategies and alert efficacy.

Incident Response Documentation tool for tracking findings and tasks.

Open source application to instantly remediate common security issues through the use of AWS Config.

An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.

AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.

Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.

Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.