Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azur…

M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response capabilities.

A centralized and enhanced memory analysis platform

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Digging Deeper....

Simple ZIP SFX stub in Go

Python library to carry out DFIR analysis on the Cloud

Simulates a compromise in a cloud and container environment

The AWS Provider enables Terraform to manage AWS resources.

DFIRTrack - The Incident Response Tracking Application

Collaborative forensic timeline analysis

Super timeline all the things

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

⭐️ A curated list of awesome forensic analysis tools and resources

A modification of the Apple Mail plugin for GnuPG encrypted e-mails, so it does not require a support plan.

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

efa - electronic Logbook for Rowing and Canoeing

Repository for the efaLive Debian package

This project holds the efaLive CD configuration for live-helper

Firebase Cloud Firestore support library for iOS. 🧢

Python API Client for TheHive

Remote forensics meta tool

Cortex Analyzers Repository

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Python library using the MISP Rest API

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.