Incident Response Process and Playbooks | Goal: Playbooks to be Mapped to MITRE Attack Techniques

Overview

Join the chat at https://gitter.im/Incident-Playbook/community

PURPOSE OF PROJECT

That this project will be created by the SOC/Incident Response Community

  • Develop a Catalog of Incident Response Playbook for every MITRE Technique (that possible, to make one for).
  • Develop a Catalog of Incident Response Playbook for uncommon incidents.
  • Develop a Catalog of Exercise Scenarios that can be used for training purposes.
  • Develop a Catalog of tools used for Incident Response [Plus Reviews for the different tools].
  • Develop a Catalog of Incident Response Automations.
  • Develop a Catalog of Checklists [For Before, During, After Incidents].
  • Develop a Catalog of Roles that a organization can use, to build their own program.
  • Develop a Catalog of Event Codes and API Actions that you can/will see in a SIEM Detections.


Incident Response Phases

This project will use a modified Incident Response Process of mixing SANS Incident Response Process and NIST Incident Response Process.

NOTE: The common "preparation" phase will not be part of this Incident Response Process, but on each playbook will include a (P) Preparation at the beginning of each playbook.

More than one phase can be running in parallel.

  1. Investigate
  2. Remediate (contain, eradicate)
  3. Communicate
  4. Recover
  5. Lessons Learned

If you have any changes that you think would be good for this incident response process please create a issue description what you want to change to this incident response process.

Inspiration For This Project

Just felt like there was something missing for Incident Response and a centrally place for playbooks, SIEM Processes, Forensics and other processes around Incident Response.

Owner
Austin Songer
Certified Ethical Hacker (CEH), Certified Security Analyst (ESCA) Project+ Bash, Python
Austin Songer
Gerenciador de processos e registros pessoais do Departamento de Fiscalização de Produtos Controlados.

CRManager Gerenciador de processos e registros pessoais do Departamento de Fiscalização de Produtos Controlados. Descrição Este projeto tem como objet

Wolfgang Almeida 1 Nov 15, 2021
My solutions for Advent of Code 2021 🌟🎄

🌟 Advent of Code 2021 🎄 My solutions for Advent of Code 2021. About · What is Advent of Code? · Contents · Usage · Table of puzzles (TODO: add final

Amanda P. Pinha 2 Dec 05, 2022
Cross-platform MachO/ObjC Static binary analysis tool & library. class-dump + otool + lipo + more

ktool Static Mach-O binary metadata analysis tool / information dumper pip3 install k2l Development is currently taking place on the @python3.10 branc

Kritanta 301 Dec 28, 2022
Open source tools to allow working with ESP devices in the browser

ESP Web Tools Allow flashing ESPHome or other ESP-based firmwares via the browser. Will automatically detect the board type and select a supported fir

ESPHome 195 Dec 31, 2022
Python script to automate the change of desktop background

wallomator Python script to automate the change of desktop background A python script that automates the process of changing the desktop background. I

Mohammed Haaris Javed 10 Jun 16, 2022
Necst-lib - Pure Python tools for NECST

necst-lib Pure Python tools for NECST. Features This library provides: something

NANTEN2 Group 5 Dec 15, 2022
Simple tools for the Horse Reality webgame

Realtools (Web Tools for Horse Reality) These tools were made on request from a close friend of mine who plays this game. A live instance can be found

shay 0 Sep 06, 2022
Python code for YouTube videos.

#This is a open source project. Python 3 These files are mainly intended to accompany my series of YouTube tutorial videos here, https://www.youtube.c

Joe James 1.3k Dec 26, 2022
Personal Assistant Tessa

Personal Assistant Tessa Introducing our all new personal assistant Tessa..... An intelligent virtual assistant (IVA) or intelligent personal assistan

Anusha Joseph 4 Mar 08, 2022
Mata kuliah Bahasa Pemrograman

praktikum2 MENGHITUNG LUAS DAN KELILING LINGKARAN FLOWCHART : OUTPUT PROGRAM : PENJELASAN : Tetapkan nilai pada variabel sesuai inputan dari user :

2 Nov 09, 2021
Project in which we modelise an Among Us problem using graph theories.

Python-AmongUsProblem Project in which we modelise an Among Us problem using graph theories. The rules are as following: Total of 100 players 10 playe

Gabriel Shenouda 1 Feb 09, 2022
Python most simple|stupid programming language (MSPL)

Most Simple|Stupid Programming language. (MSPL) Stack - Based programming language "written in Python" Features: Interpretate code (Run). Generate gra

Kirill Zhosul 14 Nov 03, 2022
Gmvault: Backup and restore your gmail account

Gmvault: Backup and restore your gmail account Gmvault is a tool for backing up your gmail account and never lose email correspondence. Gmvault is ope

Guillaume Aubert 3.5k Jan 01, 2023
Скрипт позволяет выгрузить участников чатов/каналов(по чату для комментариев) и сообщения в различные форматы файлов.

TG-Parser Парсер участников и сообщений из ТГ-Чатов и чатов для комментариев в ТГ-Каналах Возможности Выгрузка участников групп/каналов(по чату для ко

50 Jan 06, 2023
VirtualBox Power Driver for MAAS (Metal as a Service)

vboxpower VirtualBox Power Driver for MAAS (Metal as a Service) A way to manage the power of VirtualBox virtual machines via the MAAS webhook driver.

Saeid Bostandoust 131 Dec 17, 2022
A framework that let's you compose websites in Python with ease!

Perry Perry = A framework that let's you compose websites in Python with ease! Perry works similar to Qt and Flutter, allowing you to create componen

Linkus 13 Oct 09, 2022
Notebooks for computing approximations to the prime counting function using Riemann's formula.

Notebooks for computing approximations to the prime counting function using Riemann's formula.

Tom White 2 Aug 02, 2022
A simple Python script for generating a variety of hashes from safe urandom entropy.

Hashgen A simple Python script for generating a variety of hashes from safe urandom entropy. For whenever you need a random hash (e.g. generating an a

Xanspie 1 Feb 17, 2022
Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.

opsec-aggressor Aggressor script that gets the latest commands from CobaltStrikes opsec page and creates an aggressor script based on tool options. Gr

JP 10 Nov 26, 2022
Python solutions to Codeforces problems

CodeForces This repository is dedicated to my Python solutions for CodeForces problems. Feel free to copy, contribute and/or comment. If you find any

Shukur Sabzaliev 15 Dec 20, 2022