#Soc
Showing 40 of 40 repositories tagged #soc, ranked by stars
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
A curated knowledge base to build, run and mature a SOC (including CSIRT).
Awesome Security lists for SOC/CERT/CTI
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
学习安全运营的记录 | The knowledge base of security operation
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
Tenzir is the data pipeline engine for security teams.
SIEM Tactics, Techiques, and Procedures
Windows应急响应工具---Hawkeye(鹰眼)。集Windows日志分析,进程扫描,主机信息于一体的综合应急响应分析工具
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
Companion Jupyter Notebooks for the RFSoC-Book.
A modular, skill-based autonomous Security Operations Center (SOC) agent that monitors OpenSearch/Elasticsearch data, builds RAG-based behavioral memory, and validates real-time anomalies using LLMs.
PatrowlHears - Vulnerability Intelligence Center / Exploits
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.
Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.
Tools to Flash Allwinner Firmware to Devices like PhoenixSuit and LiveSuit. Support Windows, Linux, macOS
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Incident Response, and More by Shaikh Minhaj (Cyber With Minhaj)
A project dedicated to developing a hardware Integrated Circuit (IC) for a Spike Neural Network (SNN), powered by the RTL code generated by ChatGPT-4 with advanced optimizations.
Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
WinLogAgent - A user-friendly, modern, and readily deployable Windows log collection client that makes it easy to forward collected logs to a SOC or SIEM.
Powerful Kernel Windows Platform for Malware Analysis, SRE, Forensics & Threat Hunting
My own cybersecurity research talks/slides
Real-time intrusion detection system that monitors honeypot files and sends instant Discord alerts when unauthorized access is detected. Built for Homelabs.
Cisco Press CCNA Cyber Ops Books and Video Courses supplemental information and additional study materials.
A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks including Phishing Email Analysis & Brand Monitoring to fasten the incident response.
Open-Source autonomous security operations and red teaming agent built to help defenders investigate threats, analyze vulnerabilities, assess indicators of compromise, generate hardening guidance, and execute security research through an auditable agent workflow.
Self-hosted PCAP analysis platform with LLM-powered incident triage, signature-based threat detection, and AI-generated incident narratives. Features network change monitoring across captures, deep packet inspection via nDPI, and automated Wireshark filter generation. Runs fully offline with local LLMs (Ollama, LM Studio).
SOC Analyst Level 1 Replacement using RAG LLM
Useful resources for hackers ;)
NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export, import, and fetch domain information in a CSV format.
Certified SOC Analyst (CSA) Program - A comprehensive 6-month, hands-on Security Operations Center training curriculum. Developed by Aminu Idris, AMCPN | International Cybersecurity and Digital Forensics Academy (ICDFA)
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Threats analysis tool
Advanced Network Reconnaissance & Vulnerability Discovery Tool: A blazing-fast, comprehensive reconnaissance tool built in Go for modern security professionals.