An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with soar

A curated list of projects in awesome lists tagged with soar.

https://github.com/w5teams/w5

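Security Orchestration, Automation and Response (SOAR) Platform. A security orchestration and automated response platform: security automation without writing code; using SOAR makes teams work more efficiently.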

automation devops hack hacker hacking python-script python3 security security-audit security-automation security-tools shuffle soar tools w5 w5soar walkoff

Last synced: 05 Apr 2025

https://github.com/myide/see

A web platform for SQL review and SQL optimization, based on open-source components (Inception, SQLAdvisor and SOAR)

django inception mysql soar sqladvisor vue

Last synced: 15 May 2025

https://github.com/beenuar/AiSOC

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

ai-security alert-triage cybersecurity detection-engineering docker fastapi incident-response mit-license mitre-attack nextjs open-source purple-team python security-operations self-hosted siem soar soc threat-detection threat-intelligence

Last synced: 09 Jun 2026

https://github.com/beenuar/aisoc

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

ai-security alert-triage cybersecurity detection-engineering docker fastapi incident-response mit-license mitre-attack nextjs open-source purple-team python security-operations self-hosted siem soar soc threat-detection threat-intelligence

Last synced: 30 May 2026

https://github.com/FunnyWolf/agentic-soc-platform

Agentic SOC Platform: A powerful, flexible, open-source, and agent-centric automated security operations platform

agentic-soc blueteam cybersecurity dify langchain langgraph llm siem soar

Last synced: 08 Jan 2026

https://github.com/strontic/xcyclopedia

Encyclopedia for Executables

command-line exe executable lolbins siem soar ssdeep

Last synced: 29 Apr 2025

https://strontic.github.io/xcyclopedia/

Encyclopedia for Executables

command-line exe executable lolbins siem soar ssdeep

Last synced: 10 Apr 2025

https://github.com/SecurityBrewery/catalyst

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

dfir digital-forensics incident-response soar

Last synced: 15 Sep 2025

https://github.com/securitybrewery/catalyst

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

dfir digital-forensics incident-response soar

Last synced: 06 Apr 2025

https://github.com/guanguans/laravel-soar

SQL optimizer and rewriter for Laravel.

clockwork debug debugbar laravel laravel-sql mysql optimize optimizer ray rewrite rewriter security-vulnerabilities soar sql sql-optimizer statement

Last synced: 02 Apr 2026

https://github.com/aquasecurity/postee

Notice: Postee is no longer under active development or maintenance.

aqua automation cloud-native devsecops docker golang jira kubernetes messaging opa rego security slack soar

Last synced: 12 Jan 2026

https://github.com/guanguans/soar-php

SQL optimizer and rewriter (assisted SQL tuning).

debugbar mysql optimizer rewriter soar sql sql-alchemy sql-injection sql-optimizer sql-query sql-rewriter sql-tuning sqlalchemy tuning

Last synced: 08 Apr 2025

https://github.com/hequan2017/seal

django-base-templates is mainly a demo for Django development; it supports both the non-separated and the separated front-end/back-end modes.

cmdb dev devops django goinception graphql graphql-django iview iview-admin kubernetes kubernetes-dashboard ops python python3 restful restful-api soar sql vue webssh

Last synced: 28 Jul 2025

https://github.com/bytedance/elkeid-hub

Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.

event-engine rule-engine ruleengine soar stream-processing

Last synced: 13 Apr 2025

https://github.com/paulveillard/cybersecurity-soar

A collection of awesome frameworks, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).

compliance-as-code compliant cyber-threat-intelligence design-patterns hacking-tools incident-management incident-matrix incident-response ios-hacking orchestration orchestration-services os-hardening regulatory scalability scalable-applications security-hardening siem soar

Last synced: 30 Jan 2026

https://github.com/bytedance/Elkeid-HUB

Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.

event-engine rule-engine ruleengine soar stream-processing

Last synced: 19 Jul 2025

https://github.com/zercurity/zercurity

Manage, monitor and improve your cyber security posture.

cis-benchmark compliance linux macos osquery siem soar steampipe windows

Last synced: 06 Apr 2025

https://github.com/guanguans/think-soar

SQL optimizer and rewriter extension package for thinkphp5/6 framework.

debug mysql soar sql

Last synced: 26 Mar 2025

https://github.com/cookpad/deepalert

Serverless SOAR (Security Orchestration, Automation and Response) framework for automatic inspection and evaluation of security alerts

aws go security serverless soar

Last synced: 13 Aug 2025

https://github.com/ibmresilient/resilient-python-api

Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...

ibm open-source python resilient resilient-circuits resilient-sdk soar

Last synced: 14 Jan 2026

https://github.com/fkie-cad/logprep

Log data preprocessing, generation and shipping in Python

etl kafka log logdata loggenerator logshipper opensearch preprocessing python soar sre

Last synced: 02 Mar 2026

https://github.com/secmon-lab/alertchain

Simple SOAR (Security Orchestration, Automation and Response) framework integrated with OPA/Rego

opa rego security-tools soar

Last synced: 27 Apr 2025

https://github.com/mthcht/lookup-editor_scripts

Scripts using the Splunk application lookup-editor endpoint. Download, upload and update Splunk lookups content

api automation lookup lookup-editor lookup-table lookups soar splunk splunkcloud update upload

Last synced: 10 Oct 2025

https://github.com/banhao/autospamemailscan

AutoSpamEmailScan.ps1 is used to monitor a specific mailbox to which enterprise users can forward suspicious spam emails.

automation esa ews-api google-safe-browsing ironport mdatp minemeld phishing phishing-detection quarantine securex security security-automation soar spam spam-detection spam-emails virustotal workflow

Last synced: 26 Apr 2025

https://github.com/shuffle/shuffle-shared

A repository used as a Go module to help out with Shuffle development, and to ensure we reuse code structures everywhere.

api automation modules soar

Last synced: 10 May 2026

https://github.com/hookprobe/hookprobe

🛡️ Free AI that blocks hackers while you sleep. Runs on cheap hardware. When someone in Tokyo gets attacked, you're protected in 30 seconds. No fees. No experts needed. Just protection. One node's detection → everyone's protection.

ai-security automated-mitigation autonomous-threat-response cybersecurity ids iot-security ips n8n open-source-security qsecbit siem small-business soar sql-injection-prevention threat-detection threat-intelligence vxlan vxlan-interface waf zero-trust

Last synced: 05 Mar 2026

https://github.com/pkgforge/bincache

📦 The Largest Collection of Pre-Compiled Linux Static Binaries for Soar: The Modern, Bloat-Free Distro-Independent Package Manager

aarch64 binary bug-bounty bugbounty executable hacking linux musl package package-manager pentest-tool pre-compiled soar soarpkgs static static-binary static-linking statically-linked tools x86-64

Last synced: 10 Sep 2025

https://github.com/phantomcyber/splunk-soar-sdk

Splunk SOAR SDK - the official tool for Splunk SOAR app development

app cisco connector phantom sdk soar splunk

Last synced: 28 Feb 2026

https://github.com/yaron4u/sentinelfusion

An advanced threat hunting platform that combines the power of network monitoring, log analysis, and machine learning to proactively identify and respond to cyber threats.

analysis anomaly-detection cybersecurity integration meachinelearning network soar threat-hunting

Last synced: 14 Sep 2025

https://github.com/vvv-keys/404-discobot

AI-augmented, Discord-integrated, feed-fed, ML-driven, enterprise-grade cyber threat intelligence platform

cybersecurity llm machine-learning machine-learning-algorithms malware siem soar threat-hunting threat-intelligence

Last synced: 11 Jul 2025

https://github.com/shuffle/shufflepy

Connect to your favorite services with a single line of code

ai api automate lam llm ml shuffle singul soar

Last synced: 15 Oct 2025

https://github.com/laugiov/scambuster-preview

Defensive engagement & threat intelligence research laboratory. Converts inbound scam emails into actionable IOCs through controlled, policy-driven AI engagement. Multi-agent LLM architecture with adaptive strategy selection. Docs-only preview.

cybersecurity email-security fraud-prevention honeypot misp multi-agent-llm php reinforcement-learning siem soar soc stix symfony threat-intelligence

Last synced: 01 May 2026

https://github.com/techservicesillinois/phantom-toolbox

Splunk SOAR Application development libraries and utilities

libraries phantom soar splunk utiilites

Last synced: 04 Apr 2026

https://github.com/va1da5/phantom-http-cats

Splunk SOAR (Phantom) application for providing a visual representation of HTTP status codes

phantom python3 soar splunk splunk-phantom splunk-soar

Last synced: 09 Nov 2025

https://github.com/kitlabs-cn/kitsoarbundle

XiaoMi/soar (SQL Optimizer And Rewriter) in Symfony

kit-soar-bundle kitsoarbundle soar soar-bundle soar-php soar-symfony

Last synced: 04 Jan 2026

https://github.com/stevehoober254/cybersecurity-portfolio

🔐 Threat detection, Sigma rules, SIEM dashboards & automated incident response pipelines

blue-team cybersecurity detections incident-response malware-analysis sigma soar splunk threat-hunting

Last synced: 03 Feb 2026

https://github.com/darvinpatel/sentinel-walkthrough

This repository provides a comprehensive guide and scripts for setting up and managing Microsoft Sentinel. It includes step-by-step instructions and automation tools for configuring Sentinel, integrating data sources, and creating security alerts and dashboards for enhanced threat detection.

azure-sentinel defender-for-cloud sentinel siem soar threat-hunting threat-intelligence workbooks

Last synced: 19 Mar 2026

https://github.com/darvinpatel/soc-automation-lab

This repository contains automation scripts and configurations for Security Operations Centers (SOC). It includes tools for incident response, log management, and security alerting, aimed at streamlining SOC workflows and enhancing security event monitoring and management.

cassandra-cluster hive siem soar wazuh-agent

Last synced: 19 Mar 2026

https://github.com/abstractionslab/idps-escape

IDPS-ESCAPE (Intrusion Detection and Prevention Systems for Evading Supply Chain Attacks and Post-compromise Effects), part of the CyFORT project: open-source SOAR system powered by a dedicated ML-based anomaly detection toolbox (ADBox) integrated with open-source software such as Wazuh and Suricata.

anomaly-detection artificial-intelligence correlation data-ingestion docker graph-attention-network idps intrusion-detection machine-learning mtad-gat multivariate-timeseries opensearch pandas python3 pytorch siem soar suricata wazuh

Last synced: 07 May 2026

https://github.com/charlesbulabula/soc-automation-platform

Security Operations Center automation and orchestration platform

cybersecurity elasticsearch kafka python security-automation soar soc

Last synced: 03 Jun 2026

https://github.com/solomonneas/thehive-mcp

MCP server for TheHive incident response platform. Manage cases, alerts, tasks, observables, and investigations via AI agents.

ai-agents case-management incident-response mcp model-context-protocol security soar thehive

Last synced: 25 Apr 2026

https://github.com/solomonneas/cortex-mcp

MCP server for Cortex observable analysis and response engine

ai-agents automation cortex mcp model-context-protocol observable-analysis security soar

Last synced: 25 Apr 2026

https://github.com/solomonneas/playbook-forge

SOC playbook parser with mermaid diagram generation

automation blue-team cybersecurity incident-response playbooks security-operations soar

Last synced: 25 Apr 2026

https://github.com/dncrypter/splunk-soar-virustotal-playbook

The lab shows how to create and configure the Gorman_Virustotal app, which allows us to configure it with a Virustotal-api-key, so we can reduce the effort of searching each suspicious event manually by visiting the website.

playbook python soar splunk virustotal-api

Last synced: 27 Mar 2025

https://github.com/tphakala/go-xsoar

Native Go API client for Palo Alto Networks Cortex XSOAR 8.x / XSIAM

api-client cortex cortex-xsoar go golang palo-alto palo-alto-networks paloaltonetworks security siem soar xsiam xsoar

Last synced: 11 Jan 2026

https://github.com/danielecolon/azure-sentinel

Stop threats before they cause harm with an enterprise-wide security and monitoring service that presents a detailed overview of your organization across multiple clouds and on-premises locations.

azure azure-sentinel cybersecurity siem soar

Last synced: 24 Jan 2026