dfir-dd/incident-response-playbooks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

dfir-dd/incident-response-playbooks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dfir-dd/incident-response-playbooks)

Close

dfir-dd / incident-response-playbooksView on GitHubMore

• External links
• Readme badge

Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents

☆51Apr 25, 2024Updated last year

Alternatives and similar repositories for incident-response-playbooks

Users that are interested in incident-response-playbooks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• chandunsa / IRP

  View on GitHub
  Incident Response Playbooks
  ☆15Jun 10, 2019Updated 6 years ago
• elysiumsecurityltd / IRM

  View on GitHub
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆24Dec 16, 2021Updated 4 years ago
• dfir-dd / dionysos

  View on GitHub
  Scanner for certain IoCs
  ☆11Jan 29, 2025Updated last year
• guardsight / gsvsoc_cirt-playbook-battle-cards

  View on GitHub
  Cyber Incident Response Team Playbook Battle Cards
  ☆425May 10, 2024Updated last year
• msraju / Incident-Response-Playbooks

  View on GitHub
  ☆49Oct 28, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• knightmare2600 / wintools

  View on GitHub
  Useful windows tools for Blue, Red & Purple teams
  ☆11Mar 8, 2026Updated 3 weeks ago
• jiansiting / ripple20-poc

  View on GitHub
  Treck Network Stack Discovery Tool by JSOF
  ☆34Jun 30, 2020Updated 5 years ago
• guardsight / gsvsoc_mission-model

  View on GitHub
  Incident Response Report Using GitHub-Sphinx
  ☆20Oct 28, 2019Updated 6 years ago
• janstarke / evtxview

  View on GitHub
  evtxview is a GUI viewer for Microsoft Windows evtx files (Windows event logs). I'm hacking this tiny tool because I need such a tool in …
  ☆16Dec 14, 2020Updated 5 years ago
• p4gs / Okta-Incident-Response-Playbook

  View on GitHub
  A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…
  ☆20Mar 24, 2022Updated 4 years ago
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• sroberts / sapho

  View on GitHub
  A homebrewed cyber threat intelligence solution
  ☆20Nov 20, 2012Updated 13 years ago
• wectf / 2020

  View on GitHub
  WeCTF 2020 Source Code & Organizer's Writeup
  ☆31Feb 5, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Maboalenen / DFIR

  View on GitHub
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆46Jan 2, 2022Updated 4 years ago
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• Cyb3rWard0g / infosec-well-done

  View on GitHub
  A few quick recipes for those that do not have much time during the day
  ☆22Oct 28, 2024Updated last year
• iknowjason / Velociraptor_Azure

  View on GitHub
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆22Apr 16, 2021Updated 4 years ago
• ch33r10 / BlueSpace2021

  View on GitHub
  Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!
  ☆13Jun 5, 2023Updated 2 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆184May 1, 2025Updated 10 months ago
• austinsonger / Incident-Playbook

  View on GitHub
  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
  ☆1,548Jul 28, 2024Updated last year
• dfircheatsheet / dfircheatsheet.github.io

  View on GitHub
  ☆65Sep 18, 2025Updated 6 months ago
• mandiant / DFUR-Splunk-App

  View on GitHub
  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
  ☆13Sep 9, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• guardsight / gsvsoc_cybersecurity-incident-response-plan

  View on GitHub
  Cybersecurity Incident Response Plan
  ☆109Oct 2, 2020Updated 5 years ago
• paulveillard / cybersecurity-incident-response

  View on GitHub
  A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources abou…
  ☆62Jan 6, 2023Updated 3 years ago
• nccgroup / grepify

  View on GitHub
  Grepify the GUI Regex Text Scanner for Code Reviewers
  ☆23Apr 15, 2013Updated 12 years ago
• NoelV11 / DFIR-Training

  View on GitHub
  Digital Forensics and Incident Response notes and Autopsy tool walkthrough
  ☆11Feb 3, 2022Updated 4 years ago
• WillOram / cyber-incident-management

  View on GitHub
  Notes on managing and coordinating the response to major cyber incidents
  ☆41May 30, 2020Updated 5 years ago
• nobody-cares / Incident-Response-Plan

  View on GitHub
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆13Jun 4, 2020Updated 5 years ago
• siemucsm / siemucsm

  View on GitHub
  SIEM USE Case Selection Methodology
  ☆17Sep 18, 2020Updated 5 years ago
• AtomicGaryBusey / AzureForensics

  View on GitHub
  ☆33Oct 25, 2021Updated 4 years ago
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆534Jan 13, 2026Updated 2 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• 3CORESec / Automata

  View on GitHub
  Automatic detection engineering technical state compliance
  ☆55Jul 7, 2024Updated last year
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• Correia-jpv / fucking-awesome-incident-response

  View on GitHub
  A curated list of tools for incident response. With repository stars⭐ and forks🍴
  ☆257Mar 22, 2026Updated last week
• aws-samples / aws-incident-response-playbooks-workshop

  View on GitHub
  ☆97Feb 19, 2024Updated 2 years ago
• JartanFTW / kot-skipper

  View on GitHub
  Automatically find certain gems in King of Thieves
  ☆10May 15, 2025Updated 10 months ago
• dfir-dd / dfir-toolkit

  View on GitHub
  CLI tools for forensic investigation of Windows artifacts
  ☆349Jul 21, 2025Updated 8 months ago