Alternatives

AiSOC alternatives for AI agents.

Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.

Current skill

AiSOC

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

Quality 100 | Trust 93 | Stars 1.4K
#1

Intelmq

Similarity 127 | Trust 93 | Excellent 96

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

1.1K stars | Apr 28, 2026 push | devops | Python | Incident Response
$ npx skills add certtools/intelmq
#2

Hayabusa

Similarity 124 | Trust 95 | Excellent 100

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

3.2K stars | Jun 7, 2026 push | devops | Rust | Incident Response
$ npx skills add Yamato-Security/hayabusa
#3

Assemblyline

Similarity 122 | Trust 85 | Strong 84

AssemblyLine 4: File triage and malware analysis

508 stars | Jun 15, 2026 push | devops | Python | Incident Response
$ npx skills add CybercentreCanada/assemblyline
#4

Volatility3

Similarity 121 | Trust 89 | Excellent 100

Volatility 3.0 development

4.2K stars | May 26, 2026 push | devops | Python | Incident Response
$ npx skills add volatilityfoundation/volatility3
#5

Iris Web

Similarity 120 | Trust 93 | Excellent 100

Collaborative Incident Response platform

1.5K stars | Jun 8, 2026 push | devops | Python | Incident Response
$ npx skills add dfir-iris/iris-web
#6

Wazuh Docker

Similarity 120 | Trust 84 | Excellent 97

Wazuh - Docker containers

1.1K stars | Jun 10, 2026 push | devops | Shell | Incident Response
$ npx skills add wazuh/wazuh-docker
#7

Bunkerweb

Similarity 118 | Trust 94 | Excellent 100

🛡️ Open-source and cloud-native Web Application Firewall (WAF)

11K stars | Jun 16, 2026 push | devops | Python | Kubernetes
$ npx skills add bunkerity/bunkerweb
#8

My Arsenal Of Aws Security Tools

Similarity 117 | Trust 91 | Excellent 100

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

9.5K stars | Apr 17, 2026 push | devops | Shell | Incident Response
$ npx skills add toniblyx/my-arsenal-of-aws-security-tools
#9

Open Source Security Guide

Similarity 116 | Trust 86 | Strong 79

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

1.1K stars | Jun 27, 2025 push | devops | Go | Incident Response
$ npx skills add mikeroyal/Open-Source-Security-Guide
#10

CyberThreatHunting

Similarity 116 | Trust 77 | Promising 56

A collection of resources for Threat Hunters

915 stars | Oct 15, 2024 push | devops | Python | Incident Response
$ npx skills add A3sal0n/CyberThreatHunting
#11

Incident Playbook

Similarity 116 | Trust 87 | Strong 72

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

1.6K stars | Jul 28, 2024 push | devops | Incident Response | Claude Code
$ npx skills add austinsonger/Incident-Playbook
#12

Fame

Similarity 116 | Trust 86 | Excellent 87

FAME Automates Malware Evaluation

941 stars | Jun 13, 2026 push | devops | Python | Incident Response
$ npx skills add certsocietegenerale/fame
#13

Velociraptor

Similarity 115 | Trust 89 | Excellent 100

Digging Deeper....

4.0K stars | Jun 16, 2026 push | devops | Go | Incident Response
$ npx skills add Velocidex/velociraptor
#14

Rustinel

Similarity 115 | Trust 85 | Strong 83

Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.

377 stars | Jun 15, 2026 push | devops | Rust | Incident Response
$ npx skills add Karib0u/rustinel
#15

Sleuthkit

Similarity 115 | Trust 90 | Excellent 100

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

3.1K stars | Jun 12, 2026 push | devops | C | Incident Response
$ npx skills add sleuthkit/sleuthkit
#16

Cradle

Similarity 115 | Trust 85 | Strong 83

CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and robust access control. Enhance your CTI workflow from analysis to reporting—all in one secure space.

344 stars | May 18, 2026 push | devops | JavaScript | Incident Response
$ npx skills add prodaft/cradle

How to choose

When should you switch?

Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep AiSOC if it already passes your workflow test and repository review.

Next step

Compare top candidates side by side

Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.