Awesome Incident Response Awesome Check URLs

A curated list of tools and resources for security incident response, aimed to help security analysts and DFIR teams.

Digital Forensics and Incident Response (DFIR) teams are groups of people in an organization responsible for managing the response to a security incident, including gathering evidence of the incident, remediating its effects, and implementing controls to prevent the incident from recurring in the future.

Contents

IR Tools Collection

Adversary Emulation

All-In-One Tools

Books

Communities

Disk Image Creation Tools

Evidence Collection

Incident Management

Knowledge Bases

Linux Distributions

Linux Evidence Collection

Log Analysis Tools

Memory Analysis Tools

Memory Imaging Tools

OSX Evidence Collection

Other Lists

Other Tools

Playbooks

Process Dump Tools

Sandboxing/Reversing Tools

Scanner Tools

Timeline Tools

Videos

Windows Evidence Collection