Alternatives and similar repositories for incident-runbook

Users that are interested in incident-runbook are comparing it to the libraries listed below

• curi0usJack / Ludus-MDE-MDI-Roles

  View on GitHub
  Ludus roles to deploy ASR rules and MDI auditing settings
  ☆16Aug 5, 2025Updated 6 months ago
• SleepTheGod / TCP-Data-Transfer-Tool

  View on GitHub
  TCP Data Transfer Tool By ClumsyLulz
  ☆12Feb 25, 2023Updated 2 years ago
• Mhackiori / AGIR

  View on GitHub
  Automating Cyber Threat Intelligence Reporting with Natural Language Generation
  ☆14Jan 24, 2024Updated 2 years ago
• Idov31 / OffensiveRust

  View on GitHub
  Rust Weaponization for Red Team Engagements.
  ☆12Nov 14, 2022Updated 3 years ago
• malpedia / malpedia-flossed

  View on GitHub
  FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.
  ☆70Jan 6, 2026Updated last month
• MikeSpa / ethereum-exploit

  View on GitHub
  Analysis of the major exploits that took place on the Ethereum blockchain
  ☆17Oct 31, 2022Updated 3 years ago
• sandmaxprime / VagrantMalwareWin10VM

  View on GitHub
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Jun 1, 2021Updated 4 years ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆36Jul 11, 2023Updated 2 years ago
• retkoussa / reFresh

  View on GitHub
  A bash tool used to install famous bug bounty tools. Mainly used when setting up a fresh environment.
  ☆17Mar 20, 2023Updated 2 years ago
• rbmm / Services

  View on GitHub
  ☆18Jan 9, 2025Updated last year
• vrikodar / Mango

  View on GitHub
  Mango is a user interactive Powershell program to search for possible privilege escalation vectors on windows
  ☆15Aug 4, 2021Updated 4 years ago
• ras-it / Win11-OneDrive-DLL-injection-vulnerability

  View on GitHub
  OneDrive, operating on Microsoft Windows 11 Pro is vulnerable to DLL hijacking.
  ☆21Nov 9, 2023Updated 2 years ago
• regorsec / Linux-Post-Exploitation

  View on GitHub
  Tips, Tricks, and Scripts for Linux Post Exploitation
  ☆38Mar 13, 2023Updated 2 years ago
• dr4k0nia / tooling-playground

  View on GitHub
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆67Mar 27, 2023Updated 2 years ago
• jkerai1 / WindowsHardeningScripts

  View on GitHub
  Windows Hardening Powershell Scripts
  ☆23Oct 3, 2025Updated 4 months ago
• jakehildreth / PowerPUG

  View on GitHub
  A tiny tool built to help AD Admins tame the Protected Users group.
  ☆134Sep 8, 2025Updated 5 months ago
• securityjoes / ThreatResearch

  View on GitHub
  ☆61Apr 13, 2023Updated 2 years ago
• JonathanScheinert / Offensive-Cloud-Tools

  View on GitHub
  A collection of automated tools for different cloud infrastructures - Azure & AWS & Google Cloud
  ☆18Dec 26, 2024Updated last year
• atc-project / react-navigator

  View on GitHub
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆17Nov 7, 2020Updated 5 years ago
• 0x0v1 / Audix

  View on GitHub
  Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring
  ☆117Oct 14, 2025Updated 4 months ago
• Kc57 / Awesome-Pentest

  View on GitHub
  A list of awesome penetration testing tools and resources.
  ☆82Oct 19, 2023Updated 2 years ago
• A0RX / Redblueteamparty

  View on GitHub
  A collection of red blue team staff
  ☆48Jun 1, 2023Updated 2 years ago
• humblelad / open-sesame

  View on GitHub
  A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…
  ☆42Dec 8, 2022Updated 3 years ago
• asluppiter / Somnium

  View on GitHub
  Script to test NetSec capabilities.
  ☆21May 1, 2023Updated 2 years ago
• corelight / CVE-2021-42292

  View on GitHub
  A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.
  ☆18Nov 11, 2021Updated 4 years ago
• xalicex / blackhoodie_maldev101_2022

  View on GitHub
  ☆25Nov 28, 2022Updated 3 years ago
• MazX0p / CobaltSentry

  View on GitHub
  ☆24Feb 18, 2025Updated 11 months ago
• quincyntuli / GOAD-v2-Installation-Notes

  View on GitHub
  These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…
  ☆28Jun 19, 2024Updated last year
• jsa2 / AADAppAudit

  View on GitHub
  Microsoft Entra ID App Audit Solution (AADAppAudit)
  ☆84Aug 28, 2024Updated last year
• ANSSI-FR / DFIR4vSphere

  View on GitHub
  Powershell module for VMWare vSphere forensics
  ☆158Nov 8, 2024Updated last year
• benscha / KQLAdvancedHunting

  View on GitHub
  some KQL Queries for Advanced Hunting
  ☆58Updated this week
• HarmJ0y / Invoke-ADDefense

  View on GitHub
  Defensive-oriented Active Directory enumeration
  ☆23Jan 22, 2016Updated 10 years ago
• nasbench / Misc-Research

  View on GitHub
  A collection of tools, scripts and personal research
  ☆155Feb 2, 2026Updated 2 weeks ago
• ethicalhackingplayground / crlfmap

  View on GitHub
  CRLFMap is a tool to find HTTP Splitting vulnerabilities
  ☆25Jul 31, 2020Updated 5 years ago
• p0dalirius / pySprayer

  View on GitHub
  Multithreaded spraying of a password on all accounts of a domain.
  ☆26Feb 11, 2025Updated last year
• Securityinbits / cheatsheet

  View on GitHub
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆24Jan 8, 2024Updated 2 years ago
• W01fh4cker / MemshellKit

  View on GitHub
  针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks
  ☆49Feb 6, 2024Updated 2 years ago
• pracsec / AmsiScanner

  View on GitHub
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆66Oct 17, 2023Updated 2 years ago
• joeavanzato / Trawler

  View on GitHub
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆324May 1, 2025Updated 9 months ago