A curated repository of incident response playbooks
☆125Jul 17, 2023Updated 2 years ago
Alternatives and similar repositories for awesome-playbooks
Users that are interested in awesome-playbooks are comparing it to the libraries listed below.
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging…☆46Oct 10, 2024Updated last year
- ☆199Mar 11, 2024Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆104Updated this week
- Cyber Incident Response Team Playbook Battle Cards☆430May 10, 2024Updated last year
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated 11 months ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆37Oct 21, 2025Updated 6 months ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- On-Premises Open Cyber Threat Intelligence Platform☆11Oct 29, 2024Updated last year
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]☆1,559Jul 28, 2024Updated last year
- We want to create a repo which can provide different malware written in Python.☆27May 26, 2025Updated 11 months ago
- THOR APT Scanner User Manual☆21May 2, 2026Updated last week
- CRUSOE: A Toolset for Cyber Situational Awareness and Decision Support in Incident Handling Inspired by the OODA Loop☆15Dec 11, 2024Updated last year
- GoLang package for creating Mythic Payload Types, C2 Profiles, Translation Services, WebHook listeners, and Loggers☆24Mar 12, 2026Updated last month
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- Intel Retrieval Augmented Generation (RAG) Utilities☆90Jan 29, 2024Updated 2 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆92Mar 2, 2021Updated 5 years ago
- Sigma is Generic Signature Format for SIEM Systems written by Florian Roth @Neo23x0 and Thomas Patzke. This repository is providing sprea…☆33Oct 16, 2019Updated 6 years ago
- ☆25Jan 4, 2023Updated 3 years ago
- A preconfigured Velociraptor triage collector☆76Updated this week
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆14May 28, 2025Updated 11 months ago
- Augmentation to Machine Readable CTI☆38Apr 22, 2026Updated 2 weeks ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,951Apr 28, 2026Updated last week
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- ☆75Apr 3, 2025Updated last year
- Free cybersecurity training resources☆13Feb 5, 2020Updated 6 years ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆110Feb 18, 2024Updated 2 years ago
- This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return resul…☆261Apr 8, 2026Updated last month
- Active C&C Detector☆156Oct 5, 2023Updated 2 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- Extracts text from PDF files, translates it using OpenAI, and writes the translation results to a txt file.☆12Jun 10, 2023Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆308Mar 10, 2026Updated last month
- Playbooks for SOC Analysts☆712Dec 11, 2022Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- self-hosted Azure OSINT tool☆35Jun 24, 2025Updated 10 months ago
- Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technolog…☆14May 28, 2025Updated 11 months ago
- Kaseya REvil CNC domains☆12Jan 30, 2024Updated 2 years ago
- A tool that allows you to document and assess any security automation in your SOC☆50Oct 31, 2024Updated last year