TheIRGurus / Playbooks

Related projects ⓘ

Alternatives and complementary repositories for Playbooks

• IBM / wincollect
  ☆58Updated last year
• syloktools / MISP-QRADAR-REFERENCE-SET-BUILDER
  Pulls IOCs from MISP and adds the to reference sets in QRadar
  ☆33Updated last year
• jjfallete / resilient
  Resilient Automation Functions and Scripts
  ☆15Updated 2 years ago
• ibmresilient / resilient-community-apps
  Source code for IBM SOAR Apps that are available on our App Exchange
  ☆91Updated this week
• elysiumsecurityltd / IRM
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆23Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• msraju / Incident-Response-Playbooks
  ☆41Updated 2 years ago
• ibmresilient / resilient-scripts
  Example scripts and rules for use in Resilient playbooks.
  ☆34Updated 11 months ago
• StrangeBeeCorp / thehive-templates
  ☆20Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• NdS-Research-Facilities / QRadar-ruleset
  QRadar Export the rule set for printing
  ☆22Updated 7 years ago
• IBM / IBM-QRadar-Universal-Cloud-REST-API
  These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.
  ☆46Updated 2 weeks ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆116Updated 11 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆109Updated last year
• SentineLabs / S1QL-Queries
  ☆52Updated last year
• josh-morin / qradar
  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
  ☆78Updated 3 months ago
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆104Updated 2 weeks ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 7 months ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆115Updated 4 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆60Updated this week
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆26Updated 3 years ago
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆179Updated 2 months ago
• trellix-enterprise / RTS-Queries
  Practical Orientation Of MVISION EDR Query Language
  ☆34Updated last year
• target / Threat-Hunting
  Detection of obfuscated Powershell commands
  ☆54Updated last year
• MISP / misp-stix
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆50Updated this week
• P4T12ICK / Sigma-Hunting-App
  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
  ☆107Updated 4 years ago
• k-bailey / detection-engineering-maturity-matrix
  ☆87Updated 2 years ago