Interactive Tool

Playbook Builder

Create, manage, and execute operational playbooks for security engagements. Track tasks, collect evidence, and maintain comprehensive documentation throughout your operations.

Information

100% Client-Side Storage: All playbook data is stored locally using IndexedDB. Your operational details never leave your browser, ensuring complete privacy and security.

Playbook Builder

Create and manage operational playbooks for security engagements

Client-Side Storage

🔴 Red Team Operations

(2 templates)

Red Team Engagement

red-team

Comprehensive adversary simulation engagement playbook covering reconnaissance through objective completion

8 phases32 tasks~160hadvanced

Social Engineering Campaign

red-team

Multi-vector social engineering assessment including phishing, vishing, and physical security testing

5 phases15 tasks~40hintermediate

🚨 Incident Response

(2 templates)

Incident Response Playbook

incident-response

Comprehensive incident response playbook following NIST IR lifecycle

6 phases28 tasks~48hadvanced

Ransomware Incident Response

incident-response

Specialized incident response playbook for ransomware attacks including containment, eradication, and recovery

6 phases22 tasks~72hexpert

🟣 Purple Team Exercises

(1 template)

Purple Team Exercise

purple-team

Collaborative red and blue team exercise to improve detection and response capabilities

7 phases30 tasks~80hadvanced

🔵 Penetration Testing

(5 templates)

Web Application Penetration Test

pentest

Comprehensive web application security assessment playbook

9 phases39 tasks~40hintermediate

Network Infrastructure Penetration Test

pentest

Comprehensive internal network security assessment including network segmentation, device security, and lateral movement testing

5 phases14 tasks~80hintermediate

Cloud Security Assessment (AWS/Azure/GCP)

pentest

Comprehensive cloud infrastructure security audit covering IAM, storage, compute, and network configurations

5 phases15 tasks~60hadvanced

Mobile Application Penetration Test

pentest

Comprehensive security assessment of iOS and Android applications including static/dynamic analysis and API testing

5 phases15 tasks~50hadvanced

Wireless Network Penetration Test

pentest

Comprehensive WiFi security assessment including WPA/WPA2/WPA3 testing, rogue AP detection, and Bluetooth security

5 phases15 tasks~32hintermediate

📋 Compliance & Audits

(4 templates)

Supply Chain Security Audit

compliance

Comprehensive third-party and vendor risk assessment including software supply chain security

5 phases15 tasks~45hintermediate

Physical Security Assessment

compliance

Comprehensive facility security audit including perimeter, access controls, surveillance, and security policies

6 phases19 tasks~40hbeginner

DevSecOps Pipeline Security Audit

compliance

Security assessment of CI/CD pipelines, IaC, container registries, and deployment automation

6 phases18 tasks~35hadvanced

Zero Trust Architecture Review

compliance

Comprehensive assessment of Zero Trust implementation including identity, devices, networks, and data protection

7 phases21 tasks~50hexpert

📖 How to Use

  1. 1. Browse templates and select one
  2. 2. Create playbook from template
  3. 3. Customize name and description
  4. 4. Check off tasks as you complete them
  5. 5. Add evidence files and notes
  6. 6. 🔐 Encrypt with password (optional)
  7. 7. Export as Markdown, PDF, JSON, or Secure Archive

Tip: Auto-saves every second. Your data never leaves your browser.

Key Features

Task Tracking - Multi-phase management
Evidence Collection - Attach files to tasks
🔐 Encryption - AES-256 password protection
🔒 Redaction Tool - Auto-redact sensitive data
Audit Logging - Tamper-evident trail
Data Expiration - Auto-delete on date
Export Options - MD, PDF, JSON, Secure ZIP

💡 Best Practices

Update Frequently The tool auto-saves, so update tasks in real-time during engagements while context is fresh.
Collect Evidence Early Attach screenshots and files immediately. Don't wait until the end of the engagement.
Use Notes Liberally Document decisions, findings, and observations in task notes for comprehensive reporting.
🔐 Encrypt Sensitive Data Use password encryption for playbooks containing confidential information or client data.
🔒 Redact Before Sharing Use the redaction tool to automatically remove IPs, emails, and credentials before exporting.
Export Securely Use Secure Archive export with password protection when sharing playbooks externally.
Customize Templates Create and modify custom templates to fit your specific engagement needs.
Track Critical Tasks Focus on critical priority items first to ensure essential objectives are completed.
Set Expiration Dates Configure auto-deletion for time-sensitive playbooks to maintain data hygiene.

⚙️ Technical Details

Storage Technology: IndexedDB
Storage Capacity: 50MB - 1GB+
Auto-save Interval: 1 second debounced
File Handling: Base64 encoding
Encryption: AES-256-GCM, PBKDF2
Export Formats: MD, PDF, JSON, Secure ZIP
Network Requests: None (100% local)

Warning

Large File Storage: IndexedDB can store 50MB+ of data including evidence files. If you encounter storage limits, consider exporting to JSON periodically as backups.