playbooks
Threat playbook library
Community-developed playbooks and custom functions for Splunk SOAR threat hunting and incident response
Phantom Community Playbooks
478 stars
63 watching
203 forks
Language: Python
Last commit: about 2 months ago
Linked from 3 awesome lists
Related projects:
| Repository | Description | Stars |
|---|---|---|
| threatconnect-inc/threatconnect-playbooks | A community-driven repository of reusable automation and orchestration scripts for ThreatConnect's security platform. | 68 |
| phantomcyber/phantom-community-projects | A collection of collaborative projects and learning initiatives | 12 |
| aaronsdevera/phantom | Community-created extensions for Phantom security orchestration platform | 4 |
| otrf/threathunter-playbook | A community-driven project providing shared detection logic and resources for threat hunting | 4,049 |
| guardsight/gsvsoc_cirt-playbook-battle-cards | A collection of customizable recipes for responding to cyber threats and attacks | 361 |
| paulpc/nyx | Automates distribution of threat intelligence artifacts to defensive systems. | 30 |
| betrybe/playbook-go | A guide to best practices and design patterns in the Go programming language | 310 |
| splunk/security_content | Delivers threat intelligence and detection capabilities to Splunk Enterprise Security | 1,319 |
| a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
| mpschrader/gym-sokoban | An OpenAI Gym environment for solving the Sokoban puzzle game | 333 |
| olafhartong/threathunting | A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework | 1,141 |
| inodee/threathunting-spl | Provides Splunk code and prototypes for building rules and queries to detect malicious activity | 268 |
| pan-unit42/public_tools | A collection of tools and utilities released by the Palo Alto Networks Threat Intelligence team. | 708 |
| 0x706972686f/phantasm | A Python-based test automation framework for Splunk Phantom playbooks. | 11 |
| opencybersecurityalliance/kestrel-lang | A language and runtime framework for building reusable, composable threat hunting workflows using Python. | 302 |