awesome-incident-response
github.com/meirwah/awesome-incident-response
A curated list of tools for incident response
What's inside
IR Tools Collection
- AccessData FTK Imager (Disk Image Creation Tools)
Forensics tool whose main purpose is to preview recoverable data from a disk of any kind. FTK Imager can also acquire live memory and the paging file on 32-bit and 64-bit systems.
- AChoir (Windows Evidence Collection)
Framework/scripting tool to standardize and simplify the process of scripting live acquisition utilities for Windows.
- Acquire (Evidence Collection)
Acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. This makes Acquire an excellent tool to, among other things, speed up the process of digital forensic triage. It uses
- Any Run (Sandboxing/Reversing Tools)
Interactive online malware analysis service for dynamic and static research of most types of threats using any environment.
- AppCompatProcessor (Log Analysis Tools)
AppCompatProcessor has been designed to extract additional value from enterprise-wide AppCompat / AmCache data beyond the classic stacking and grepping techniques.
- Applied Incident Response (Books)
Steve Anson's book on Incident Response.
Showing a sample of 219 resources. View the full list on GitHub →