Alternatives and similar repositories for ai-runbooks

Users that are interested in ai-runbooks are comparing it to the libraries listed below

• fr0gger / nova-framework
  NOVA: The Prompt Pattern Matching
  ☆168Updated last month
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆176Updated 7 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆124Updated 4 months ago
• dandye / adk_runbooks
  ☆46Updated last week
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆190Updated last year
• AttackIQ / DetectIQ
  ☆115Updated 3 months ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆128Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆84Updated 3 months ago
• korniko98 / pivot-atlas
  ☆94Updated last month
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆102Updated last year
• anvilogic-forge / armory
  Anvilogic Forge
  ☆107Updated 2 weeks ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆90Updated last year
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆89Updated last year
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆94Updated this week
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆48Updated 4 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆77Updated last year
• infosecn1nja / TTPMapper
  TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structure…
  ☆43Updated 2 months ago
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆306Updated 2 weeks ago
• OTRF / GenAI-Security-Adventures
  ☆106Updated last year
• Yamato-Security / suzaku
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆147Updated last week
• okta / customer-detections
  ☆146Updated this week
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆47Updated 10 months ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• karmine05 / DEF3ND
  🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…
  ☆43Updated 2 months ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated 10 months ago
• CiscoCXSecurity / Detection-Engineering-Framework
  ☆87Updated last month
• mgreen27 / mcp-velociraptor
  VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.
  ☆50Updated 3 weeks ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆137Updated last year
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆117Updated 11 months ago
• wiz-sec-public / wiz-research-iocs
  ☆44Updated last month