Penetration testing commands for Incident Response

Incident response is the structured approach to addressing and managing security breaches or attacks. This category encompasses planning, detection, containment, eradication, and recovery processes.

| Name | Description | Price |
|------|-------------|-------|
| DFIR ORC | Forensics artefact collection tool for systems running Microsoft Windows | Free |
| DFIRTrack | Incident response tracking web application, focused on handling one major incident with a lot of affected systems | Free |
| Fenrir | IOC scanner | Free |
| IntelMQ | Solution for collecting and processing security feeds using a message queuing protocol | Free |
| IRIS | Collaborative platform aiming to help incident responders share technical details during investigations | Free |
| Loki | IOC scanner | Free |
| Munin | Online hash checker for VirusTotal and other services | Free |
| Osquery | Uses SQL queries to monitor and analyze operating systems, providing endpoint visibility for security | Free |
| SCOT | Sandia Cyber Omni Tracker; cyber security incident response management system and knowledge base | Free |
| Sigma | Generic signature format for SIEM systems | Free |
| ThreatHound | Windows event log file viewer and analyser | Free |
| uncoder.io | Translate Sigma rules into various SIEM, EDR, and XDR formats | Free |
| YARA | Pattern matching helping malware researchers to identify and classify malware samples | Free |
| Yara Toolkit | YARA rules editor, generator, scanner | Free |
| yarAnalyzer | Creates statistics on a YARA rule set and files in a sample directory | Free |
| yarGen | YARA rules generator | Free |
| YAYA | Yet Another Yara Automaton; automatically curate open source YARA rules and run scans | Free |