Velociraptor alternatives for AI agents.

Fast and efficient osquery management

Collaborative Incident Response platform

Cortex: a Powerful Observable Analysis and Active Response Engine

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Cortex Analyzers Repository

Volatility 3.0 development

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Cross-platform incident response and live forensics toolkit with built-in detection, structured analysis, and report generation — designed for fast, actionable security investigations.

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.