#1
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
3.2K starsJun 7, 2026 pushdevopsRustIncident Response
$ npx skills add Yamato-Security/hayabusaAlternatives
Gsvsoc Cirt Playbook Battle Cards alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Gsvsoc Cirt Playbook Battle Cards
Cyber Incident Response Team Playbook Battle Cards
53
Quality
73
Trust
434
Stars
#2
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
3.1K starsJun 12, 2026 pushdevopsCIncident Response
$ npx skills add sleuthkit/sleuthkit#3
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
1.4K starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add beenuar/AiSOC#4
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
1.1K starsApr 28, 2026 pushdevopsPythonIncident Response
$ npx skills add certtools/intelmq#5
PagerDuty's Incident Response Documentation.
1.0K starsApr 9, 2026 pushdevopsDockerfileIncident Response
$ npx skills add PagerDuty/incident-response-docs#6
A collection of resources for Threat Hunters
915 starsOct 15, 2024 pushdevopsPythonIncident Response
$ npx skills add A3sal0n/CyberThreatHunting#7
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
1.1K starsNov 8, 2025 pushdevopsIncident ResponseClaude Code
$ npx skills add mdecrevoisier/Microsoft-eventlog-mindmap#8
FAME Automates Malware Evaluation
941 starsJun 13, 2026 pushdevopsPythonIncident Response
$ npx skills add certsocietegenerale/fame#9
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
9.5K starsApr 17, 2026 pushdevopsShellIncident Response
$ npx skills add toniblyx/my-arsenal-of-aws-security-tools#10
⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes
530 starsJun 2, 2026 pushdevopsVueIncident Response
$ npx skills add SecurityBrewery/catalyst#11
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
634 starsJun 3, 2026 pushdevopsPowerShellIncident Response
$ npx skills add LETHAL-FORENSICS/Microsoft-Analyzer-Suite#12
PowerShell Digital Forensics & Incident Response Scripts.
797 starsMay 26, 2026 pushdevopsPowerShellIncident Response
$ npx skills add Bert-JanP/Incident-Response-Powershell#13
AssemblyLine 4: File triage and malware analysis
508 starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add CybercentreCanada/assemblyline#14
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
1.6K starsJul 28, 2024 pushdevopsIncident ResponseClaude Code
$ npx skills add austinsonger/Incident-Playbook#15
Volatility 3.0 development
4.2K starsMay 26, 2026 pushdevopsPythonIncident Response
$ npx skills add volatilityfoundation/volatility3#16
Digging Deeper....
4.0K starsJun 16, 2026 pushdevopsGoIncident Response
$ npx skills add Velocidex/velociraptorHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Gsvsoc Cirt Playbook Battle Cards if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.