dfir-dd/incident-response-playbooks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

dfir-dd/incident-response-playbooks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dfir-dd/incident-response-playbooks)

Close

dfir-dd / incident-response-playbooksView on GitHubMore

• External links
• Readme badge

Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents

☆52Apr 25, 2024Updated 2 years ago

Alternatives and similar repositories for incident-response-playbooks

Users that are interested in incident-response-playbooks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• chandunsa / IRP

  View on GitHub
  Incident Response Playbooks
  ☆15Jun 10, 2019Updated 6 years ago
• elysiumsecurityltd / IRM

  View on GitHub
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆24Dec 16, 2021Updated 4 years ago
• dfir-dd / dionysos

  View on GitHub
  Scanner for certain IoCs
  ☆11Jan 29, 2025Updated last year
• guardsight / gsvsoc_cirt-playbook-battle-cards

  View on GitHub
  Cyber Incident Response Team Playbook Battle Cards
  ☆433May 10, 2024Updated 2 years ago
• msraju / Incident-Response-Playbooks

  View on GitHub
  ☆50Oct 28, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 5 years ago
• knightmare2600 / wintools

  View on GitHub
  Useful windows tools for Blue, Red & Purple teams
  ☆11May 20, 2026Updated last week
• jiansiting / ripple20-poc

  View on GitHub
  Treck Network Stack Discovery Tool by JSOF
  ☆34Jun 30, 2020Updated 5 years ago
• guardsight / gsvsoc_mission-model

  View on GitHub
  Incident Response Report Using GitHub-Sphinx
  ☆21Oct 28, 2019Updated 6 years ago
• janstarke / evtxview

  View on GitHub
  evtxview is a GUI viewer for Microsoft Windows evtx files (Windows event logs). I'm hacking this tiny tool because I need such a tool in …
  ☆16Dec 14, 2020Updated 5 years ago
• p4gs / Okta-Incident-Response-Playbook

  View on GitHub
  A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…
  ☆21Mar 24, 2022Updated 4 years ago
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• sroberts / sapho

  View on GitHub
  A homebrewed cyber threat intelligence solution
  ☆20Nov 20, 2012Updated 13 years ago
• wectf / 2020

  View on GitHub
  WeCTF 2020 Source Code & Organizer's Writeup
  ☆31Feb 5, 2021Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• Maboalenen / DFIR

  View on GitHub
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆48Jan 2, 2022Updated 4 years ago
• Cyb3rWard0g / infosec-well-done

  View on GitHub
  A few quick recipes for those that do not have much time during the day
  ☆22Oct 28, 2024Updated last year
• iknowjason / Velociraptor_Azure

  View on GitHub
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆22Apr 16, 2021Updated 5 years ago
• ch33r10 / BlueSpace2021

  View on GitHub
  Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!
  ☆13Jun 5, 2023Updated 2 years ago
• nmanzi / throwphish

  View on GitHub
  Automatically deploy preconfigured SSL ready GoPhish instances into Azure using Terraform.
  ☆17Apr 30, 2021Updated 5 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆187May 1, 2025Updated last year
• austinsonger / Incident-Playbook

  View on GitHub
  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
  ☆1,566Jul 28, 2024Updated last year
• dfircheatsheet / dfircheatsheet.github.io

  View on GitHub
  ☆65Sep 18, 2025Updated 8 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• mandiant / DFUR-Splunk-App

  View on GitHub
  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
  ☆13Sep 9, 2020Updated 5 years ago
• paulveillard / cybersecurity-incident-response

  View on GitHub
  A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources abou…
  ☆63Jan 6, 2023Updated 3 years ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan

  View on GitHub
  Cybersecurity Incident Response Plan
  ☆111Oct 2, 2020Updated 5 years ago
• Velocidex / velociraptor-sigma-rules

  View on GitHub
  A Compiler from Sigma rules to VQL
  ☆19May 18, 2026Updated last week
• nccgroup / grepify

  View on GitHub
  Grepify the GUI Regex Text Scanner for Code Reviewers
  ☆23Apr 15, 2013Updated 13 years ago
• NoelV11 / DFIR-Training

  View on GitHub
  Digital Forensics and Incident Response notes and Autopsy tool walkthrough
  ☆11Feb 3, 2022Updated 4 years ago
• WillOram / cyber-incident-management

  View on GitHub
  Notes on managing and coordinating the response to major cyber incidents
  ☆41May 30, 2020Updated 5 years ago
• nobody-cares / Incident-Response-Plan

  View on GitHub
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆13Jun 4, 2020Updated 5 years ago
• siemucsm / siemucsm

  View on GitHub
  SIEM USE Case Selection Methodology
  ☆17Sep 18, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆534Jan 13, 2026Updated 4 months ago
• 3CORESec / Automata

  View on GitHub
  Automatic detection engineering technical state compliance
  ☆55Jul 7, 2024Updated last year
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• Correia-jpv / fucking-awesome-incident-response

  View on GitHub
  A curated list of tools for incident response. With repository stars⭐ and forks🍴
  ☆264Updated this week
• JartanFTW / kot-skipper

  View on GitHub
  Automatically find certain gems in King of Thieves
  ☆10May 15, 2025Updated last year
• dfir-dd / dfir-toolkit

  View on GitHub
  CLI tools for forensic investigation of Windows artifacts
  ☆351Jul 21, 2025Updated 10 months ago