Rustinel alternatives for AI agents.

Digging Deeper....

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Tools and Techniques for Blue Team / Incident Response

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Fast and efficient osquery management

Volatility 3.0 development

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library

Collaborative Incident Response platform

Cortex: a Powerful Observable Analysis and Active Response Engine

UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.