Rastrea2r
Rastrea2r is a multi-platform open source tool that allows incident responders and SOC analysts to triage suspect systems and hunt for Indicators of Compromise (IOCs) across thousands of endpoints in minutes. It can execute sysinternal, system commands and other 3rd party tools (including custom scripts) across multiple endpoints, saving the output to a centralized share for automated or manual analysis. By using a client/server RESTful API, rastrea2r can also hunt for IOCs on disk and memory across multiple systems using YARA rules. As a command line tool, rastrea2r can be easily integrated within McAfee ePO, as well as other AV consoles and orchestration tools, allowing incident responders and SOC analysts to collect forensic evidence and hunt for IOCs without the need for an additional agent.
FEATURES
ALTERNATIVES
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
A cybersecurity and privacy playbook management platform that enables teams to create, store, share, and implement standardized security procedures through a no-code interface.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
A proof of concept for using the SSM Agent in Fargate for incident response
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.