#1
Wazuh - Ansible playbook
410 starsJun 9, 2026 pushdevopsShellIncident Response
$ npx skills add wazuh/wazuh-ansibleAlternatives
Wazuh Docker alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Wazuh Docker
Wazuh - Docker containers
97
Quality
84
Trust
1.1K
Stars
#2
Plugins for Wazuh Dashboard
512 starsJun 16, 2026 pushdevopsTypeScriptIncident Response
$ npx skills add wazuh/wazuh-dashboard-plugins#3
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
9.5K starsApr 17, 2026 pushdevopsShellIncident Response
$ npx skills add toniblyx/my-arsenal-of-aws-security-tools#4
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
1.4K starsJun 15, 2026 pushdevopsPythonIncident Response
$ npx skills add beenuar/AiSOC#5
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
1.4K starsMay 28, 2026 pushdevopsShellIncident Response
$ npx skills add tclahr/uac#6
Tenzir is the data pipeline engine for security teams.
742 starsJun 16, 2026 pushdevopsC++Incident Response
$ npx skills add tenzir/tenzir#7
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
568 starsJun 16, 2026 pushdevopsTypeScriptIncident Response
$ npx skills add utmstack/UTMStack#8
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
1.1K starsJun 27, 2025 pushdevopsGoIncident Response
$ npx skills add mikeroyal/Open-Source-Security-Guide#9
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
3.2K starsJun 7, 2026 pushdevopsRustIncident Response
$ npx skills add Yamato-Security/hayabusa#10
Volatility 3.0 development
4.2K starsMay 26, 2026 pushdevopsPythonIncident Response
$ npx skills add volatilityfoundation/volatility3#11
Digging Deeper....
4.0K starsJun 16, 2026 pushdevopsGoIncident Response
$ npx skills add Velocidex/velociraptor#12
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
3.1K starsJun 12, 2026 pushdevopsCIncident Response
$ npx skills add sleuthkit/sleuthkit#13
Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻
1.5K starsApr 13, 2026 pushdevopsGoKubernetes
$ npx skills add orlangure/gnomock#14
Collaborative Incident Response platform
1.5K starsJun 8, 2026 pushdevopsPythonIncident Response
$ npx skills add dfir-iris/iris-web#15
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
36K starsJun 15, 2026 pushdevopsGoKubernetes
$ npx skills add aquasecurity/trivy#16
Cortex: a Powerful Observable Analysis and Active Response Engine
1.6K starsMay 20, 2026 pushdevopsScalaIncident Response
$ npx skills add TheHive-Project/CortexHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Wazuh Docker if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.