Cloud Inquisitor – Enforce data security in AWS

Cloud Inquisitor can be used to improve the security posture of your AWS footprint through

ccat – Cisco Config Analysis Tool

ccat is a tool designed to analyze the configuration files of Cisco devices. The list of checks is based on the Cisco Guide to Harden Cisco IOS Devices.

Userline – Query Logons relations Using Windows Security Events

Userline is a tool that automates the process of creating logon relations from MS Windows Security Events by showing a graphical relation among users domains, source and destination logons, as well as session duration.

OSXCollector – Forensic Evidence Collection Toolkit

OSXCollector is a forensic evidence collection & analysis toolkit for OSX. The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file

sysprofiler – Windows disk images profiling

Sysprofiler is a Bash script that uses a combination of existing tools and manual processing to extract these artefacts and output them into either a Tab Separated (TSV) file, which can be opened as a spreadsheet, or a plaintext (TXT)

RedELK – Red Team’s SIEM Framework

RedELK is a Red Team's SIEM: an easily deployable tool for Red Teams, used for tracking and alarming about Blue Team activities as well as for better usability in long-term operations.

nightHawkResponse – Incident Response Framework

nightHawkResponse is a custom-built application for asynchronous forensic data presentation on an Elasticsearch backend. This application is designed to ingest a Mandiant Redline "collections" file and give flexibility in search/stack and tagging.