Python incident-response

Open-source Python projects categorized as incident-response

Top 23 Python incident-response Projects

  1. Anthropic-Cybersecurity-Skills

    754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0

    Project mention: Claude for Small Business: 382K Day-One Buyer's Guide | dev.to | 2026-05-25

    The GitHub Trending board today corroborates this. Of the top fifteen repos, at least four are explicitly Skills-targeted: multica-ai/andrej-karpathy-skills (154K stars), affaan-m/ECC (192K stars), mukul975/Anthropic-Cybersecurity-Skills (9K), and the broader multica-ai/multica managed-agents platform.

  3. IntelOwl

    IntelOwl: manage your Threat Intelligence at scale

    Project mention: All Data and AI Weekly #224-12 Jan 2026 | dev.to | 2026-01-12


  4. volatility3

    Volatility 3.0 development

    Project mention: Data Science Techniques That Speed Up Incident Response | dev.to | 2026-05-04

    These techniques are force multipliers, not substitutes for forensic tools. They don't replace Autopsy, Volatility, or Plaso. The pattern is: Plaso builds the timeline, pandas lets you filter and analyze it; Volatility extracts memory artifacts, Python processes what Volatility extracts.

  5. holmesgpt

    SRE Agent - CNCF Sandbox Project

    Project mention: What is an AI SRE? Definition, Capabilities, and 2026 Buyer's Lens | dev.to | 2026-05-21

    Infrastructure tool execution. The agent reads from kubectl, cloud SDKs, observability backends, and ticket systems. Some agents also write, with guardrails. HolmesGPT documents read-only access with RBAC respect. Aurora documents sandboxed execution into an isolated namespace. K8sGPT documents Kubernetes-only diagnostics with anonymisation before any AI backend call.

  6. Bashfuscator

    A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  7. Incident-Playbook

    GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

  8. iris-web

    Collaborative Incident Response platform

  9. APT-Hunter

    APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity

  10. beagle

    Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (by yampelo)

  11. ThePhish

    ThePhish: an automated phishing email analysis tool

  12. intelmq

    IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

  13. CyberThreatHunting

    A collection of resources for Threat Hunters

  14. atc-react

    A knowledge base of actionable Incident Response techniques

  15. cyberbro

    A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

  16. incidental

    An open-source incident management platform integrating with Slack.

    Project mention: That Weekend Incident Bot? It Costs $233K | dev.to | 2026-03-10

    Incidental: Slack integration, status pages. Most capable open option remaining, but still early (v0.1.0).

  17. dfirtrack

    DFIRTrack - The Incident Response Tracking Application

  18. Cortex-Analyzers

    Cortex Analyzers Repository

    Project mention: All Data and AI Weekly #224-12 Jan 2026 | dev.to | 2026-01-12


  19. misp-taxonomies

    Taxonomies used in the MISP taxonomy system that can also be used by other information sharing tools.

  20. assisted-log-enabler-for-aws

    Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

  21. TheHive4py

    Python API Client for TheHive

  22. Information-Security-Tasks

    This repository is created only for infosec professionals who work on a day-to-day basis, to equip ourselves with an up-to-date skill set. We can contribute one hour daily to day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.

  23. kc7

    A cybersecurity game in Azure Data Explorer

  24. incidentbot

    The Open Source Incident Management Framework

    Project mention: That Weekend Incident Bot? It Costs $233K | dev.to | 2026-03-10

    incident-bot: Slack-based, Python/PostgreSQL. Integrates with PagerDuty, Jira, Confluence.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).


Python incident-response related posts

  • Tracing torch.cuda.empty_cache() on an RTX 4090 - Where Do the 53 MB Go?

    2 projects | dev.to | 28 May 2026
  • What Happens When an AI Agent Gets Kernel-Level GPU Traces

    2 projects | dev.to | 16 Apr 2026
  • Tracing torch.cuda.empty_cache() on an RTX 4090 - Where Do the 53 MB Go?

    2 projects | dev.to | 25 Mar 2026
  • That Weekend Incident Bot? It Costs $233K

    3 projects | dev.to | 10 Mar 2026
  • Volatility: The volatile memory forensic extraction framework

    1 project | news.ycombinator.com | 22 Feb 2026
  • Show HN: I am building an open-source incident management platform

    3 projects | news.ycombinator.com | 8 Jul 2024
  • Volatility 3 2.4.1 - New Linux and Windows plugins

    1 project | /r/blueteamsec | 22 Apr 2023

Index

What are some of the best open-source incident-response projects in Python? This list will help you:

| # | Project | Stars |
|---|---------|-------|
| 1 | Anthropic-Cybersecurity-Skills | 15,458 |
| 2 | IntelOwl | 4,596 |
| 3 | volatility3 | 4,170 |
| 4 | holmesgpt | 2,577 |
| 5 | Bashfuscator | 1,965 |
| 6 | Incident-Playbook | 1,554 |
| 7 | iris-web | 1,505 |
| 8 | APT-Hunter | 1,408 |
| 9 | beagle | 1,346 |
| 10 | ThePhish | 1,334 |
| 11 | intelmq | 1,114 |
| 12 | CyberThreatHunting | 916 |
| 13 | atc-react | 665 |
| 14 | cyberbro | 663 |
| 15 | incidental | 560 |
| 16 | dfirtrack | 536 |
| 17 | Cortex-Analyzers | 485 |
| 18 | misp-taxonomies | 298 |
| 19 | assisted-log-enabler-for-aws | 274 |
| 20 | TheHive4py | 237 |
| 21 | Information-Security-Tasks | 180 |
| 22 | kc7 | 175 |
| 23 | incidentbot | 163 |
