DFIRTrack - The Incident Response Tracking Application
-
Updated
Sep 4, 2024 - Python
#
incident-response-tooling
Here are 26 public repositories matching this topic...
AWS CloudSaga - Simulate security events in AWS
-
Updated
Jan 5, 2026 - Python
A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.
-
Updated
Oct 4, 2025 - Python
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
-
Updated
Dec 16, 2024 - Python
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
python osint portable incident-response python3 dfir infosec tkinter-gui tkinter-python osinttool incident-response-tooling osint-python infosec-19 osint-professionals
-
Updated
Oct 18, 2023 - Python
Forensic toolkit for iOS sysdiagnose feature
-
Updated
Jan 6, 2026 - Python
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
python reverse-shell incident-response python-script plugins python3 handlers pentesting python-3 plugin-system red-team socket-programming security-tools end-to-end-encryption red-teaming reverse-shells pentesting-tools incident-response-tooling live-response
-
Updated
Sep 28, 2025 - Python
The DNA test for websites
api cybersecurity cyber-threat-intelligence phishing-detection incident-response-tooling osint-python url-analysis cybersecurity-tool urlscanner urldna
-
Updated
Nov 25, 2025 - Python
CLI program for automating the setup, configuration, and use of cybersecurity solutions
-
Updated
Feb 12, 2023 - Python
Unpage is the open source framework for building SRE agents with infrastructure context and secure access to any dev tool.
agent devops automation monitoring mcp incident-response site-reliability-engineering sre agents observability aiops incident-response-tooling ai-agent dspy agentic-workflow ai-sre sre-agent
-
Updated
Dec 15, 2025 - Python
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
linux rootkit incident-response malware intrusion-detection blueteam malware-detection rootkit-hunter incident-response-tooling rootkit-kernel
-
Updated
Sep 29, 2025 - Python
CLI for selecting and back-testing CloudWatch alarm configuration
python windows macos linux shell cli aws terminal cloudwatch cloud-management developer-tools observability incident-response-tooling
-
Updated
Aug 8, 2023 - Python
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
ioc incident-response forensics dfir secops digital-forensics security-orchestration security-automation security-tools soar ioc-framework blue-team nextsecurity cyber-threat-intelligence forensics-investigations cybersecurity-incidents cyber-security-team incident-response-tooling dfir-automation
-
Updated
May 3, 2020 - Python
AWMFA - Automated Windows Memory Forensics Analysis. Python automation framework for Volatility 2 that streamlines memory analysis. Features: automated plugin execution with threading, intelligent threat detection using 28+ heuristics, no deep Windows internals knowledge required, multi-format reports (TXT/HTML/PDF).
incident-response dfir cybersecurity malware-analysis digital-forensics memory-analysis automated-analysis volatility forensic-analysis memory-forensics security-tools incident-response-tooling dfir-automation windows-forensics forensics-tools windows-memory dfir-tools
-
Updated
Nov 8, 2025 - Python
systeminfo command for offline system images
-
Updated
Feb 10, 2023 - Python
Incident Response in AWS with Alexa
python aws automation incident-response lambda-functions linux-kernel alexa-skill incident-response-tooling
-
Updated
Aug 12, 2022 - Python
forensics.py is a remote forensic data collection tool that gathers system information, logs, and other relevant data from one or multiple remote hosts.
-
Updated
Sep 4, 2024 - Python
A CLI tool for generating observability queries to assist incident responders during incident investigation.
-
Updated
Mar 9, 2025 - Python
QRadar to Redmine(as Ticketing System) Integration with API CALLS written in Python
python api security redmine incident-response python3 redmine-issues siem incident-management ticketing-system qradar incident-response-tooling qradar-offense
-
Updated
Jul 8, 2021 - Python
Scope is an open source cloud forensic tool to rapidly analyse logs, detect suspicious activity and identify malicious resources. Scope supports Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure.
-
Updated
Mar 26, 2025 - Python
Improve this page
Add a description, image, and links to the incident-response-tooling topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the incident-response-tooling topic, visit your repo's landing page and select "manage topics."