Tools and Techniques for Blue Team / Incident Response

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Monzo's real-time incident response and reporting tool ⚡️

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

A concise, directive, specific, flexible, and free incident response plan template

SIEM Tactics, Techiques, and Procedures

BlueWave Uptime is an open-source, self-hosted monitoring tool built with React.js, Node.js, and MongoDB, designed to track server uptime, response times, and incidents in real-time with beautiful visualizations. Get powerful insights and proactive alerts to keep your services running smoothly.

An opensource incident management platform integrating with Slack.

On-Call Assistant for Prometheus Alerts - Get a head start on fixing alerts with AI investigation

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Open-source AI copilot that lets you chat with your observability data and code 🧙‍♂️

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Netlify StatusKit is a template to deploy your own Status pages on Netlify.

A curated list of tools for incident response. With repository stars⭐ and forks🍴

Open Source Statuspage Software

First Response Online is a communication and collaboration platform built to support first responders. It lets police officers, fire fighters, and paramedics share critical data with each other in near real-time. It supports iPhone, iPad, and PC and integrates with computer aided dispatch and GPS tracking. Units in the field can update their sta…

Incident Manager Hellper bot aims to orchestrate the process and resolution of incidents, reducing the time spent with manual tasks and ensuring that the necessary steps are fulfilled in the right order. Also, it facilitates the measurement of impact and response rate through metrics.

A collection of hopefully useful document templates for engineering orgs

A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity