Incident Response

Atlas

Awesome Lists

• st0pp3r/awesome-soc-analyst

Templates

• Shift Handover Template
• Simple User Clarification Message
• Simple Case Summary Template
• Phishing Case Summary Template
• Risky User Template

Tools

• General Search / IOC
  • VirusTotal
  • GreyNoise
  • FOFA Search Engine
  • Cisco Talos Intelligence Search
  • Pulsedive
  • Shodan
  • AlienVault OTX
  • IBM X-Force Exchange
  • ThreatFox
  • ThreatMiner
• Domain / IP
  • DomainTools Whois Lookup
  • DNSDumpster
  • MxToolbox Lookup Tool
  • AbuseIPDB
  • ipstack
  • IPinfo
  • ASN Lookup
  • Google Admin Toolbox
  • Qualys SSL Labs
  • urlscan.io
  • urlquery
• File
  • Compiler Explorer
  • Decompiler Explorer
  • Assembler Simulator
  • EchoTrail
  • xCyclopedia
  • WTFBins
  • Winbindex
  • oletools
  • peepdf
  • XLMMacroDeobfuscator
• Sandbox / Detonation Chamber
  • Joe Sandbox
  • ANY.RUN
  • Hybrid Analysis
• Malware Family
  • Malpedia
  • Objective-See’s Mac Malware Collection
• Parsers / Beautifiers
  • CyberChef
  • JSDetox
• Certificates
  • crt.sh
  • Certstream
• Browser Extensions
  • Browser Extension Lookup

---

Relevant Note(s): Defensive Security Digital Forensics