nightHawkResponse is a custom-built application for asynchronous forensic data presentation on an Elasticsearch backend. This application is designed to ingest a...
Cyber Triage is an incident response framework that will investigate remote systems and endpoints by pushing a collection of tools over the...
Mozilla Investigator MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers...
The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a...
Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security researchers in the course of threat intelligence, digital forensics,...
LogonTracer uses PageRank and ChangeFinder to detect malicious hosts and accounts from the event log. This tool can visualize the following event IDs related to Windows...
As its name suggests, the main function of a SIEM is event management. The SIEM solution, once implemented completely and effectively, will...
Archery is an open-source vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses...
Cyphon is a big data platform that aggregates, standardizes, and enhances data for easier analysis. Many businesses rely on emails to manage...
The Sandia Cyber Omni Tracker (SCOT) is a cyber security incident response management system and knowledge base. Designed by cyber security incident...