cisagov / playbook-ng
Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and eviction.
☆155 · Dec 5, 2025 · Updated 2 months ago
Alternatives and similar repositories for playbook-ng
Users that are interested in playbook-ng are comparing it to the libraries listed below
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments ☆30 · Sep 17, 2025 · Updated 5 months ago
- Cyber Threat Intelligence ☆74 · Dec 7, 2025 · Updated 2 months ago
- A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale. ☆982 · Feb 4, 2026 · Updated last week
- Your Browser-based EVTX Companion ☆112 · Feb 8, 2026 · Updated last week
- Performs review of Entra ID users and their assigned roles based on least privilege principle and actual Entra ID operations performed wi… ☆30 · Feb 10, 2026 · Updated last week
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. ☆13 · Jan 5, 2026 · Updated last month
- An OpenAI API Compatible Honeypot Gateway ☆17 · Mar 17, 2025 · Updated 10 months ago
- Leverages B64 chunks to split files and save to clipboard ☆26 · Dec 7, 2025 · Updated 2 months ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … ☆27 · Jul 13, 2022 · Updated 3 years ago
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK ☆197 · Nov 25, 2025 · Updated 2 months ago
- Telegram Bot that performs checks of the yararules.com ruleset ☆13 · May 13, 2016 · Updated 9 years ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface. ☆22 · Jan 30, 2026 · Updated 2 weeks ago
- ☆21 · Jan 8, 2026 · Updated last month
- Security Blogs - A simple aggregator for security news/blog ☆24 · Jan 19, 2026 · Updated 3 weeks ago
- A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service, versions and C… ☆17 · Feb 8, 2026 · Updated last week
- An IAM Simulator that outputs detailed explains of how a request was evaluated. ☆97 · Updated this week
- Mapping of open-source detection rules and atomic tests. ☆195 · Updated this week
- BlueSky OSINT Tool ☆14 · Dec 10, 2024 · Updated last year
- X-Ways C# X-Tension API ☆15 · May 28, 2013 · Updated 12 years ago
- Scripts targeting specific families ☆13 · Jul 3, 2017 · Updated 8 years ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 5 years ago
- Dumping App Bound Protected Credentials & Cookies Without Privileges. ☆59 · Nov 4, 2025 · Updated 3 months ago
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw… ☆32 · May 11, 2024 · Updated last year
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here … ☆72 · Apr 3, 2024 · Updated last year
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … ☆110 · Jul 21, 2025 · Updated 6 months ago
- Tools to make life easier ^_^ ☆13 · Aug 21, 2025 · Updated 5 months ago
- A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept ☆16 · Mar 11, 2024 · Updated last year
- Incident Response Playbooks ☆15 · Jun 10, 2019 · Updated 6 years ago
- Helm charts for running open source digital forensic tools in Kubernetes ☆182 · Feb 9, 2026 · Updated last week
- ☆73 · Oct 2, 2025 · Updated 4 months ago
- Binary Exploitation Phrack CTF Challenge ☆70 · Aug 21, 2025 · Updated 5 months ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cryptocurrency ☆15 · Nov 13, 2025 · Updated 3 months ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret… ☆40 · Updated this week
- ☆13 · Aug 18, 2016 · Updated 9 years ago
- SimpleCrypt is a powerful command-line tool designed for securely encrypting and decrypting files and directories using AES-256 encryptio… ☆20 · Nov 10, 2025 · Updated 3 months ago
- Automatic Microsoft Sentinel Deployment ☆16 · Apr 1, 2025 · Updated 10 months ago
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication. Generates individual CSV files and a single XSLX rep… ☆39 · Updated this week
- DEFCON 31 slide deck and video link ☆66 · Jun 2, 2025 · Updated 8 months ago
- ☆139 · Aug 7, 2025 · Updated 6 months ago