DeTT&CT aims to assist blue teams using ATT&CK to score and compare data log source quality, visibility coverage, detection coverage…
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event…
SysmonX is an open-source, community-driven, and drop-in replacement version of Sysmon that provides a modularized architecture with the purpose of…
ADRecon provides a holistic picture of the current state of an AD environment. This tool can be used by Blue Team,…
nightHawkResponse is a custom-built application for asynchronous forensic data presentation on an Elasticsearch backend. This application is designed to…
TheHive is a scalable 3-in-1 open source and free Security Incident Response Platform designed to make life easier for SOCs,…
Cyber Triage is an incident response framework that investigates remote systems and endpoints by pushing a collection of tools…
Mozilla InvestiGator (MIG) is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from…
The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two…
Cyber incident response tools are most often used by the security industry to test for vulnerabilities and provide emergency incident…