Alternatives and similar repositories for ai-runbooks

Users that are interested in ai-runbooks are comparing it to the libraries listed below

• dandye / adk_runbooks
  ☆55Updated last month
• anvilogic-forge / armory
  Anvilogic Forge
  ☆113Updated 2 months ago
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆189Updated 10 months ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆101Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆132Updated last year
• korniko98 / pivot-atlas
  ☆100Updated last month
• fr0gger / nova-framework
  NOVA: The Prompt Pattern Matching
  ☆57Updated last month
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆114Updated last year
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆120Updated 2 years ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆88Updated last month
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆89Updated 2 years ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Updated last year
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆143Updated 3 years ago
• k-bailey / detection-engineering-maturity-matrix
  ☆98Updated 3 years ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆141Updated last year
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆132Updated 7 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆96Updated this week
• OTRF / GenAI-Security-Adventures
  ☆108Updated last year
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆59Updated 3 years ago
• elastic / SWAT
  ☆166Updated 2 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆81Updated last year
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆125Updated 2 years ago
• AttackIQ / DetectIQ
  ☆117Updated 6 months ago
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆34Updated 2 months ago
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆103Updated last year
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆47Updated last year
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆166Updated 2 weeks ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆222Updated last year
• aws-samples / jupyter-notebook-for-incident-response
  A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…
  ☆151Updated 2 years ago