List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Updated Oct 28, 2024 - Shell
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Wazuh - Docker containers
Information gathering & website reconnaissance | https://phishstats.info/
A practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
Incident Response collection and processing scripts with automated reporting scripts
Docker configurations for TheHive, Cortex and 3rd party tools
Wazuh - Tools for packages creation
Harness the power of Splunk for your investigations
Blazescan is a Linux webserver malware scanning and incident response tool with built-in support for cPanel servers, but it will run on any Linux-based server.
Wazuh - Amazon AWS Cloudformation
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
A triage data collection script for macOS
The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
Create an incident response triage toolkit for use with Windows or Linux.
The script will help you to find some valuable info for the user that you need as DFIR
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
Wazuh - Release for Bosh.io
Break-In Analyzer - A script that analyzes auth.log, secure, utmp/wtmp for possible SSH break-in attempts