A curated repository of incident response playbooks
☆132 · Jul 17, 2023 · Updated 2 years ago
Alternatives and similar repositories for awesome-playbooks
Users that are interested in awesome-playbooks are comparing it to the libraries listed below.
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging… ☆47 · Oct 10, 2024 · Updated last year
- ☆199 · Mar 11, 2024 · Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library ☆50 · Sep 1, 2023 · Updated 2 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator! ☆106 · May 27, 2026 · Updated 3 weeks ago
- Cyber Incident Response Team Playbook Battle Cards ☆434 · May 10, 2024 · Updated 2 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE… ☆38 · May 28, 2025 · Updated last year
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… ☆38 · Jun 5, 2026 · Updated 2 weeks ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated 2 years ago
- On-Premises Open Cyber Threat Intelligence Platform ☆11 · Oct 29, 2024 · Updated last year
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] ☆1,575 · Jul 28, 2024 · Updated last year
- We want to create a repo which can provide different malware written in Python. ☆27 · May 26, 2025 · Updated last year
- CRUSOE: A Toolset for Cyber Situational Awareness and Decision Support in Incident Handling Inspired by the OODA Loop ☆15 · Dec 11, 2024 · Updated last year
- GoLang package for creating Mythic Payload Types, C2 Profiles, Translation Services, WebHook listeners, and Loggers ☆25 · Updated this week
- Sigma detection rules for hunting with the threathunting-keywords project ☆60 · Mar 2, 2025 · Updated last year
- Intel Retrieval Augmented Generation (RAG) Utilities ☆90 · Jan 29, 2024 · Updated 2 years ago
- THOR APT Scanner User Manual ☆22 · Jun 10, 2026 · Updated last week
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp… ☆94 · Mar 2, 2021 · Updated 5 years ago
- Sigma is Generic Signature Format for SIEM Systems written by Florian Roth @Neo23x0 and Thomas Patzke. This repository is providing sprea… ☆33 · Oct 16, 2019 · Updated 6 years ago
- ☆25 · Jan 4, 2023 · Updated 3 years ago
- A preconfigured Velociraptor triage collector ☆77 · Jun 4, 2026 · Updated 2 weeks ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response ☆13 · Jul 13, 2020 · Updated 5 years ago
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me… ☆14 · May 28, 2025 · Updated last year
- Augmentation to Machine Readable CTI ☆38 · Jun 9, 2026 · Updated last week
- This project aims to compare and evaluate the telemetry of various EDR products. ☆1,968 · Updated this week
- SIEM USE Case Selection Methodology ☆17 · Sep 18, 2020 · Updated 5 years ago
- ☆77 · Apr 3, 2025 · Updated last year
- Free cybersecurity training resources ☆13 · Feb 5, 2020 · Updated 6 years ago
- This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return resul… ☆262 · Apr 8, 2026 · Updated 2 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies ☆112 · Feb 18, 2024 · Updated 2 years ago
- Active C&C Detector ☆156 · Oct 5, 2023 · Updated 2 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP ☆14 · Oct 24, 2022 · Updated 3 years ago
- Extracts text from PDF files, translates it using OpenAI, and writes the translation to a txt file. ☆12 · Jun 10, 2023 · Updated 3 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them ☆309 · Mar 10, 2026 · Updated 3 months ago
- Playbooks for SOC Analysts ☆721 · Dec 11, 2022 · Updated 3 years ago
- self-hosted Azure OSINT tool ☆35 · Jun 24, 2025 · Updated 11 months ago
- Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technolog… ☆15 · May 28, 2025 · Updated last year
- Kaseya REvil CNC domains ☆12 · Jan 30, 2024 · Updated 2 years ago
- A tool that allows you to document and assess any security automation in your SOC ☆50 · Oct 31, 2024 · Updated last year
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques ☆435 · May 21, 2026 · Updated 3 weeks ago