#Soc

Showing 40 of 40 repositories tagged #soc, ranked by stars

ihebski
ihebski
DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Score
0
★ 6.6k ⑂ 780 +3/day
Python
cyb3rxp
cyb3rxp
awesome-soc

A curated knowledge base to build, run and mature a SOC (including CSIRT).

Score
100
★ 1.8k ⑂ 277 +4/day
mthcht
mthcht
awesome-lists

Awesome Security lists for SOC/CERT/CTI

Score
97
★ 1.7k ⑂ 200
YARA
beenuar
beenuar
AiSOC

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

Score
94
★ 1.5k ⑂ 149 +1/day
Python
TheresAFewConors
TheresAFewConors
Sooty

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

Score
73
★ 1.5k ⑂ 221 +1/day
Python
satan1a
satan1a
TheRoadOfSO

学习安全运营的记录 | The knowledge base of security operation

Score
67
★ 902 ⑂ 178
HTML
securityjoes
securityjoes
MasterParser

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Score
79
★ 759 ⑂ 69
PowerShell
tenzir
tenzir
tenzir

Tenzir is the data pipeline engine for security teams.

Score
91
★ 747 ⑂ 105
C++
TonyPhipps
TonyPhipps
SIEM

SIEM Tactics, Techiques, and Procedures

Score
88
★ 720 ⑂ 114
PowerShell
mir1ce
mir1ce
Hawkeye

Windows应急响应工具---Hawkeye(鹰眼)。集Windows日志分析,进程扫描,主机信息于一体的综合应急响应分析工具

Score
0
★ 689 ⑂ 28
0x783kb
0x783kb
Threat-Analysis-Handbook

常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!

Score
85
★ 651 ⑂ 144
utmstack
utmstack
UTMStack

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

Score
82
★ 577 ⑂ 75 +1/day
TypeScript
TonyPhipps
TonyPhipps
Meerkat

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Score
58
★ 483 ⑂ 85
PowerShell
strath-sdr
strath-sdr
RFSoC-Book

Companion Jupyter Notebooks for the RFSoC-Book.

Score
0
★ 270 ⑂ 62 +3/day
Jupyter Notebook
SecurityClaw
SecurityClaw
SecurityClaw

A modular, skill-based autonomous Security Operations Center (SOC) agent that monitors OpenSearch/Elasticsearch data, builds RAG-based behavioral memory, and validates real-time anomalies using LLMs.

Score
76
★ 251 ⑂ 26 +1/day
Python
Patrowl
Patrowl
PatrowlHears

PatrowlHears - Vulnerability Intelligence Center / Exploits

Score
70
★ 167 ⑂ 53
Python
securityjoes
securityjoes
ForensicMiner

A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.

Score
0
★ 163 ⑂ 20
PowerShell
ControlCompass
ControlCompass
ControlCompass.github.io

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

Score
30
★ 143 ⑂ 27
JavaScript
malwarekid
malwarekid
SOAR-Flow

SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.

Score
36
★ 136 ⑂ 34
MaheshShukla1
MaheshShukla1
SOC-Analyst-Notes

Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.

Score
61
★ 133 ⑂ 19 +3/day
YuzukiTsuru
YuzukiTsuru
OpenixSuit

Tools to Flash Allwinner Firmware to Devices like PhoenixSuit and LiveSuit. Support Windows, Linux, macOS

Score
100
★ 127 ⑂ 7 +4/day
DXC-0
DXC-0
soc-ressources

Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.

Score
64
★ 121 ⑂ 19 +1/day
minhaj-313
minhaj-313
-Ultimate-Cybersecurity-Roadmap

Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Incident Response, and More by Shaikh Minhaj (Cyber With Minhaj)

Score
15
★ 82 ⑂ 9
edabk-hust
edabk-hust
edabk_brain_soc

A project dedicated to developing a hardware Integrated Circuit (IC) for a Spike Neural Network (SNN), powered by the RTL code generated by ChatGPT-4 with advanced optimizations.

Score
0
★ 71 ⑂ 12 +1/day
Verilog
st0pp3r
st0pp3r
awesome-soc-analyst

Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.

Score
45
★ 63 ⑂ 3 +1/day
HTML
Baichuan-DI
Baichuan-DI
WinLogAgent

WinLogAgent - A user-friendly, modern, and readily deployable Windows log collection client that makes it easy to forward collected logs to a SOC or SIEM.

Score
52
★ 50 ⑂ 3 +1/day
8damon
8damon
Blackbird

Powerful Kernel Windows Platform for Malware Analysis, SRE, Forensics & Threat Hunting

Score
55
★ 48 ⑂ 7 +21/day
C#
AkechiShiro
AkechiShiro
slides-talks

My own cybersecurity research talks/slides

Score
3
★ 38 ⑂ 1
AlexPGAO
AlexPGAO
honeyfile-watcher

Real-time intrusion detection system that monitors honeypot files and sends instant Discord alerts when unauthorized access is detected. Built for Homelabs.

Score
33
★ 34 ⑂ 0
Python
santosomar
santosomar
cyberops

Cisco Press CCNA Cyber Ops Books and Video Courses supplemental information and additional study materials.

Score
12
★ 31 ⑂ 13
AzharAnwar9
AzharAnwar9
Security-Event-Analysis-Automation-Tool

A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks including Phishing Email Analysis & Brand Monitoring to fasten the incident response.

Score
6
★ 29 ⑂ 6
Python
Cogensec
Cogensec
Gideon

Open-Source autonomous security operations and red teaming agent built to help defenders investigate threats, analyze vulnerabilities, assess indicators of compromise, generate hardening guidance, and execute security research through an auditable agent workflow.

Score
48
★ 28 ⑂ 13
TypeScript
NotYuSheng
NotYuSheng
TracePcap

Self-hosted PCAP analysis platform with LLM-powered incident triage, signature-based threat detection, and AI-generated incident narratives. Features network change monitoring across captures, deep packet inspection via nDPI, and automated Wireshark filter generation. Runs fully offline with local LLMs (Ollama, LM Studio).

Score
42
★ 28 ⑂ 0 +1/day
TypeScript
clab60917
clab60917
RAG-LLM-SOC_analyst

SOC Analyst Level 1 Replacement using RAG LLM

Score
9
★ 28 ⑂ 9
Python
h0ek
h0ek
sec-res

Useful resources for hackers ;)

Score
39
★ 27 ⑂ 3
zoldax
zoldax
NHSuite

NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export, import, and fetch domain information in a CSV format.

Score
0
★ 26 ⑂ 2
Python
icdfa
icdfa
soc-training-program

Certified SOC Analyst (CSA) Program - A comprehensive 6-month, hands-on Security Operations Center training curriculum. Developed by Aminu Idris, AMCPN | International Cybersecurity and Digital Forensics Academy (ICDFA)

Score
27
★ 22 ⑂ 5 +1/day
Python
MrM8BRH
MrM8BRH
Defensive-Security-Hub

A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.

Score
18
★ 15 ⑂ 2
sp34rh34d
sp34rh34d
CyberSeek

Threats analysis tool

Score
21
★ 15 ⑂ 4
JavaScript
MrEchoFi
MrEchoFi
BannerGrapV2

Advanced Network Reconnaissance & Vulnerability Discovery Tool: A blazing-fast, comprehensive reconnaissance tool built in Go for modern security professionals.

Score
24
★ 10 ⑂ 3
Go
Related Topics
#cybersecurity#security#threat-hunting#siem#incident-response#dfir#blueteam#security-operations-center#security-tools#detection-engineering#threat-detection#threat-intelligence

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly