#1
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
3.2K starsJun 7, 2026 pushdevopsRustIncident Response
$ npx skills add Yamato-Security/hayabusaAlternatives
AzureHunter alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
55
Quality
74
Trust
790
Stars
#2
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
9.5K starsApr 17, 2026 pushdevopsShellIncident Response
$ npx skills add toniblyx/my-arsenal-of-aws-security-tools#3
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
1.4K starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add beenuar/AiSOC#4
Cortex: a Powerful Observable Analysis and Active Response Engine
1.6K starsMay 20, 2026 pushdevopsScalaIncident Response
$ npx skills add TheHive-Project/Cortex#5
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
1.4K starsMay 28, 2026 pushdevopsShellIncident Response
$ npx skills add tclahr/uac#6
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
720 starsMay 2, 2026 pushdevopsPowerShellIncident Response
$ npx skills add LETHAL-FORENSICS/MemProcFS-Analyzer#7
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
1.1K starsApr 28, 2026 pushdevopsPythonIncident Response
$ npx skills add certtools/intelmq#8
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
758 starsFeb 1, 2026 pushdevopsPowerShellIncident Response
$ npx skills add securityjoes/MasterParser#9
A collection of resources for Threat Hunters
915 starsOct 15, 2024 pushdevopsPythonIncident Response
$ npx skills add A3sal0n/CyberThreatHunting#10
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
1.1K starsNov 8, 2025 pushdevopsIncident ResponseClaude Code
$ npx skills add mdecrevoisier/Microsoft-eventlog-mindmap#11
⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes
530 starsJun 2, 2026 pushdevopsVueIncident Response
$ npx skills add SecurityBrewery/catalyst#12
AssemblyLine 4: File triage and malware analysis
508 starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add CybercentreCanada/assemblyline#13
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
1.6K starsJul 28, 2024 pushdevopsIncident ResponseClaude Code
$ npx skills add austinsonger/Incident-Playbook#14
Cortex Analyzers Repository
485 starsJun 11, 2026 pushdevopsPythonIncident Response
$ npx skills add TheHive-Project/Cortex-Analyzers#15
Volatility 3.0 development
4.2K starsMay 26, 2026 pushdevopsPythonIncident Response
$ npx skills add volatilityfoundation/volatility3#16
Digging Deeper....
4.0K starsJun 16, 2026 pushdevopsGoIncident Response
$ npx skills add Velocidex/velociraptorHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep AzureHunter if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.