incident-response-network
Community
Guided network forensics for incident response.
Data & Analytics #incident-response #timeline-reconstruction #evidence-collection #forensic-analysis #network-forensics #flow-records
Author: vahagn-madatyan
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
It guides security teams through network-forensics evidence collection and analysis during incidents, ensuring volatile data is preserved, lateral movement is detected, and containment can be verified without affecting live devices.
Core Features & Use Cases
- Evidence-preservation workflow for ARP/MAC/CAM, routing state, and flow data across Cisco, Juniper, and Arista devices.
- Read-only verification of containment measures and timeline reconstruction from multiple data sources.
- Vendor-specific CLI references and methodology for cross-device coordination during incident response.
Quick Start
Start by collecting ARP/MAC tables and routing state for the incident window, then proceed to verify flow records and reconstruct the timeline using read-only commands.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: incident-response-network
Download link: https://github.com/vahagn-madatyan/netsec-skills-suite/archive/main.zip#incident-response-network
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.