A tool that allows you to document and assess any security automation in your SOC
☆50Oct 31, 2024Updated last year
Alternatives and similar repositories for automation-capability-matrix
Users that are interested in automation-capability-matrix are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Flowpipe sample mods, demonstrating common pipeline patterns and how to use the Flowpipe library mods. Run directly or use as examples fo…☆19Apr 27, 2026Updated last month
- CrowdStrike Falcon log forwarder from falcon S3 bucket to your S3 bucket☆10Apr 15, 2021Updated 5 years ago
- This is a collection of threat detection rules / rules engines that I have come across.☆300May 5, 2024Updated 2 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- ☆30Nov 25, 2025Updated 6 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Repo containing my public talks☆23May 30, 2023Updated 3 years ago
- A knowledge base of actionable Incident Response techniques☆666May 31, 2022Updated 4 years ago
- An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…☆71Jul 6, 2025Updated 11 months ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- ☆21Nov 23, 2022Updated 3 years ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆26Oct 14, 2024Updated last year
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Jun 15, 2021Updated 4 years ago
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆31Aug 31, 2023Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆54Jun 21, 2025Updated 11 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.☆402Jan 20, 2026Updated 4 months ago
- ☆73May 19, 2026Updated 3 weeks ago
- Meraki Adventure API Lab☆10Jul 6, 2020Updated 5 years ago
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆25Jan 17, 2023Updated 3 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆93Mar 2, 2021Updated 5 years ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆35Jul 23, 2024Updated last year
- Very easy to use demo showcasing Meraki APIs☆11Dec 13, 2023Updated 2 years ago
- Living off the False Positive!☆42Apr 3, 2026Updated 2 months ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆19Jun 29, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆12Aug 8, 2022Updated 3 years ago
- A command-line tool and Python library for parsing Windows Master File Table ($MFT) and importing the results into Elasticsearch.☆13Jun 3, 2026Updated last week
- ☆13Apr 1, 2024Updated 2 years ago
- Workflows for Shuffle☆25Oct 26, 2022Updated 3 years ago
- DFF (Digital Forensics Framework)☆11Jan 6, 2021Updated 5 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆32Jul 27, 2023Updated 2 years ago
- pollen - A command-line tool for interacting with TheHive☆36Jun 6, 2019Updated 7 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- P.S.E.U.D.O. optimizes the macOS Platform SSO registration experience.☆55Apr 28, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Trend Vision One API cookbook sample code☆16Mar 26, 2026Updated 2 months ago
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 3 years ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆342May 24, 2026Updated 3 weeks ago
- ☆16Dec 3, 2020Updated 5 years ago
- Burp Extender to add unique form tokens to scanner requests.☆14Nov 5, 2024Updated last year
- A curated list of GPT agents for cybersecurity☆12Oct 2, 2024Updated last year
- Base class for Jupyter Data Integrations☆11Feb 11, 2026Updated 4 months ago