A curated repository of incident response playbooks
☆130Jul 17, 2023Updated 2 years ago
Alternatives and similar repositories for awesome-playbooks
Users that are interested in awesome-playbooks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging…☆46Oct 10, 2024Updated last year
- ☆199Mar 11, 2024Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆104May 8, 2026Updated 3 weeks ago
- Cyber Incident Response Team Playbook Battle Cards☆433May 10, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated last year
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆37Oct 21, 2025Updated 7 months ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- On-Premises Open Cyber Threat Intelligence Platform☆11Oct 29, 2024Updated last year
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]☆1,572Jul 28, 2024Updated last year
- We want to create a Repo which can provide different Malwares wrote by Python.☆27May 26, 2025Updated last year
- CRUSOE: A Toolset for Cyber Situational Awareness and Decision Support in Incident Handling Inspired by the OODA Loop☆15Dec 11, 2024Updated last year
- GoLang package for creating Mythic Payload Types, C2 Profiles, Translation Services, WebHook listeners, and Loggers☆25Mar 12, 2026Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Intel Retrieval Augmented Generation (RAG) Utilities☆90Jan 29, 2024Updated 2 years ago
- THOR APT Scanner User Manual☆22May 22, 2026Updated last week
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆93Mar 2, 2021Updated 5 years ago
- Sigma is Generic Signature Format for SIEM Systems written by Florian Roth @Neo23x0 and Thomas Patzke. This repository is providing sprea…☆33Oct 16, 2019Updated 6 years ago
- A preconfigured Velociraptor triage collector☆77May 4, 2026Updated 3 weeks ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆14May 28, 2025Updated last year
- Augmentation to Machine Readable CTI☆38Apr 22, 2026Updated last month
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,953May 17, 2026Updated last week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- ☆75Apr 3, 2025Updated last year
- Free cybersecurity training resources☆13Feb 5, 2020Updated 6 years ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆111Feb 18, 2024Updated 2 years ago
- This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return resul…☆262Apr 8, 2026Updated last month
- Active C&C Detector☆156Oct 5, 2023Updated 2 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- 提取 PDF 文件中的文本,使用 OpenAI 进行翻译,并将翻译结果写入 txt 文件中。☆12Jun 10, 2023Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆309Mar 10, 2026Updated 2 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Playbooks for SOC Analysts☆715Dec 11, 2022Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technolog…☆15May 28, 2025Updated last year
- A tool that allows you to document and assess any security automation in your SOC☆50Oct 31, 2024Updated last year
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆433May 21, 2026Updated last week
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc…☆29Jun 22, 2022Updated 3 years ago
- OASIS CACAO TC: Official repository for work of the CACAO TC https://github.com/oasis-tcs/cacao☆33Jan 16, 2024Updated 2 years ago