Incident Response

15 bookmarks

Custom sorting

Hypothesis-Driven Hunting with the PEAK Framework

Details on hypothesis-driven threat hunting with the PEAK framework.

·splunk.com·Nov 28, 2023

Hypothesis-Driven Hunting with the PEAK Framework

The RULER Project

The Really Useful Logging and Event Repository Project

·ruler-project.github.io·Nov 25, 2023

The RULER Project

0x4D31/awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

#threat-hunting

·github.com·Nov 23, 2023

0x4D31/awesome-threat-detection

UncoderIO/Uncoder_IO: An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. - GitHub - UncoderIO/Uncoder_IO: An IDE and translation engine for detection e...

·github.com·Nov 22, 2023

UncoderIO/Uncoder_IO: An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

google/grr

GRR Rapid Response: remote live forensics for incident response

·github.com·Nov 20, 2023

google/grr

Yamato-Security/hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. - GitHub - Yamato-Security/hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast...

·github.com·Nov 14, 2023

Yamato-Security/hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

jtmoon79/super-speedy-syslog-searcher

Speedily search and merge log messages by datetime

·github.com·Oct 30, 2023

jtmoon79/super-speedy-syslog-searcher

LetsDefend/incident-response-playbooks

Contribute to LetsDefend/incident-response-playbooks development by creating an account on GitHub.

·github.com·Oct 10, 2023

LetsDefend/incident-response-playbooks

0x4D31/detection-and-response-pipeline: ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective threat detection and response pipelines. 👷 🏗

✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective...

·github.com·Jul 11, 2023

DFIR triage and Timeline Analysis

During incident response, it is essential to establish a full context around the time of alert or when suspicious activity was identified…

·medium.com·Aug 23, 2022

DFIR triage and Timeline Analysis

GitHub - meirwah/awesome-incident-response: A curated list of tools for incident response

A curated list of tools for incident response. Contribute to meirwah/awesome-incident-response development by creating an account on GitHub.

#awesome-list #incident-response

·github.com·Oct 7, 2022

GitHub - meirwah/awesome-incident-response: A curated list of tools for incident response

Linux Forensics

Everything related to Linux Forensics

#linux-defense #forensics

·linuxdfir.ashemery.com·Jan 24, 2023

Linux Forensics

GitHub - cugu/awesome-forensics: A curated list of awesome forensic analysis tools and resources

A curated list of awesome forensic analysis tools and resources - GitHub - cugu/awesome-forensics: A curated list of awesome forensic analysis tools and resources

#forensics #awesome-list

·github.com·Jan 24, 2023

GitHub - cugu/awesome-forensics: A curated list of awesome forensic analysis tools and resources