The Friendly Manual

Description:

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

Description:

Chainsaw provides a powerful a first-response capability to quickly identify threats within Windows forensic artefacts such as Event Logs and MFTs. Chainsaw offers a generic and fast method of searching through event logs for keywords, and by identifying threats using built-in support for Sigma detection rules, and via custom Chainsaw detection rules.

Description:

Cuckoo Sandbox is an automated dynamic malware analysis system PLEASE NOTE: Cuckoo Sandbox 2.x is currently unmaintained. Any open issues or pull requests will most likely not be processed, as a current full rewrite of Cuckoo is undergoing and will be announced soon.

Description:

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra extension components and/or scripts using Java or Python.

Description:

Lightweight fuzzing of a memory snapshot using KVM