The Netflix Security Intelligence and Response Team (SIRT) has released (under Apache 2.0 license) a triage tool to help digital forensics and incident response teams quickly identify compromised hosts on which to focus their response. The tool, written in python 3 and named “Diffy”, is strictly focused on security incidents on cloud architectures.
Recently i’ve published this post focused on hunting malware using volatility and Yara rules.
When you develop an application, often you could need to store some configurations. This data can contain a lot of sensitive informations, and this is a critical point if your sourcecode is hosted on a GitHub repository.