Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

• UpdatedDec 11, 2025
• Shell

A collection of sources of documentation, as well as field best practices, to build/run a SOC

• UpdatedDec 16, 2025

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

• UpdatedJun 24, 2024
• Python

基于开源组件（Inception & SQLAdvisor & SOAR）的SQL审核&SQL优化的Web平台

• UpdatedDec 9, 2022
• Vue

Extract and aggregate threat intelligence.

• UpdatedJan 31, 2024
• Python

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

• UpdatedDec 17, 2025
• TypeScript

⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

• UpdatedNov 23, 2025
• Vue

Encyclopedia for Executables

• UpdatedNov 9, 2021
• PowerShell

CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis

• UpdatedOct 16, 2025
• Shell

🤖 Admyral enables continuous control monitoring for any custom control

• UpdatedNov 27, 2024
• Python

SQL optimizer and rewriter for laravel. - laravel 的 SQL 优化器和重写器。

• UpdatedDec 16, 2025
• PHP

Notice: Postee is no longer under active development or maintenance.

• UpdatedAug 28, 2025
• Go

SQL optimizer and rewriter(assisted SQL tuning). - SQL 优化器和重写器(辅助 SQL 调优)。

• UpdatedDec 16, 2025
• PHP

Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch jimi has developed into a fully fledged IT automation platform which effortlessly integrates with your existing tools unlocking the potential for autonomous IT and Security operations.

• UpdatedJun 19, 2024
• Python

django-base-templates 主要为 django 开发DEMO, 支持 非前后端分离 和 前后端分离模式 。

• UpdatedFeb 15, 2023
• Python

SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.

• UpdatedFeb 21, 2025

A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).

• UpdatedJan 6, 2023

A curated repository of incident response playbooks

• UpdatedJul 17, 2023
• PowerShell

IYSQL - Improve Your SQL

• UpdatedDec 10, 2018
• CSS

Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.

• UpdatedMay 8, 2023
• Python