#1
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
1.1K starsApr 28, 2026 pushdevopsPythonIncident Response
$ npx skills add certtools/intelmqAlternatives
Assemblyline alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Assemblyline
AssemblyLine 4: File triage and malware analysis
84
Quality
85
Trust
508
Stars
#2
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
1.4K starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add beenuar/AiSOC#3
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
3.2K starsJun 7, 2026 pushdevopsRustIncident Response
$ npx skills add Yamato-Security/hayabusa#4
Volatility 3.0 development
4.2K starsMay 26, 2026 pushdevopsPythonIncident Response
$ npx skills add volatilityfoundation/volatility3#5
Collaborative Incident Response platform
1.5K starsJun 8, 2026 pushdevopsPythonIncident Response
$ npx skills add dfir-iris/iris-web#6
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
9.5K starsApr 17, 2026 pushdevopsShellIncident Response
$ npx skills add toniblyx/my-arsenal-of-aws-security-tools#7
Tools and Techniques for Blue Team / Incident Response
4.1K starsMar 27, 2025 pushdevopsIncident ResponseClaude Code
$ npx skills add A-poc/BlueTeam-Tools#8
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
1.1K starsJun 27, 2025 pushdevopsGoIncident Response
$ npx skills add mikeroyal/Open-Source-Security-Guide#9
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
578 starsJun 3, 2026 pushdevopsGoIncident Response
$ npx skills add activecm/rita#10
A collection of resources for Threat Hunters
915 starsOct 15, 2024 pushdevopsPythonIncident Response
$ npx skills add A3sal0n/CyberThreatHunting#11
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
1.6K starsJul 28, 2024 pushdevopsIncident ResponseClaude Code
$ npx skills add austinsonger/Incident-Playbook#12
FAME Automates Malware Evaluation
941 starsJun 13, 2026 pushdevopsPythonIncident Response
$ npx skills add certsocietegenerale/fame#13
Digging Deeper....
4.0K starsJun 16, 2026 pushdevopsGoIncident Response
$ npx skills add Velocidex/velociraptor#14
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
3.1K starsJun 12, 2026 pushdevopsCIncident Response
$ npx skills add sleuthkit/sleuthkit#15
CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and robust access control. Enhance your CTI workflow from analysis to reporting—all in one secure space.
344 starsMay 18, 2026 pushdevopsJavaScriptIncident Response
$ npx skills add prodaft/cradle#16
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
758 starsFeb 1, 2026 pushdevopsPowerShellIncident Response
$ npx skills add securityjoes/MasterParserHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Assemblyline if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.