
MalwLess is an open source tool developed in C# for blue teams that allows you to test your SIEM and security systems. Basically you can…

LDSI is a SIEM (Security Information and Event Management system) written in Python Django. It features a web frontend, and handles log management and forensics,…

The Heartbeat computer (server or client, it doesn’t matter) delivers messages to a file on the Monitor computer via SSH. The Monitor checks the file and executes…

remediation is a set of tools and utilities for remediation and incident-response handling. JewelRunner is intended to quickly analyze TCP/IP traffic for a target host and create…

firecall scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log…

Natlog is a utility for logging traffic through a firewall that performs source NATting (a.k.a. POSTROUTING). Firewalls like iptables usually offer POSTROUTING source network address translation facilities…

Get-Baseline is a wrapper PowerShell script for a number of functions that automates the initial tasks in an incident response scenario. Prerequisites: + on Targets:…

What is wsd? Wirespy is a simple network sniffer for information security that extracts interesting metadata about network traffic and logs it. That sounds like…