GitHub topics: security-operations
penxpkj/Defensive-Security-Hub
Defensive Security Hub. A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and enhance your skills. 🌐🔒
Size: 25.4 KB - Last synced at: about 17 hours ago - Pushed at: about 20 hours ago - Stars: 1 - Forks: 0

nbyiansec/sskit
The Security Operations Toolbox is an integrated tool for security operations scenarios, combining core functional modules including asset management, asset mapping, vulnerability detection, configuration checking, weak-password detection, batch operations, vulnerability tracking, report generation, and log auditing.
Size: 62.1 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 89 - Forks: 9

AWS-CSS-Portfolio/logging-monitoring
Centralized AWS security monitoring lab using CloudTrail, CloudWatch, and Athena to detect root account usage and unauthorized API calls. Includes saved queries, dashboards and threat-hunting examples.
Size: 3.62 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 0 - Forks: 0

panther-labs/mcp-panther
Write detections, investigate alerts, and query logs from your favorite AI agents
Language: Python - Size: 59.1 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 27 - Forks: 13

XnXaka10AgeRiots/Security-Incident-Response-Playbooks
🔒 Streamline security responses with playbooks for data breaches, DDoS attacks, and ransomware, complete with step-by-step guides and automation scripts.
Language: Python - Size: 19.5 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 0 - Forks: 0

haroutp/azure-security-architecture
Enterprise Azure security architecture with multi-domain implementation covering identity, network, compute, and security operations
Size: 172 KB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 0 - Forks: 0

reconmap/reconmap
Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
Language: HTML - Size: 327 KB - Last synced at: 5 days ago - Pushed at: 2 months ago - Stars: 786 - Forks: 111

MrM8BRH/Defensive-Security-Hub
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Size: 4.02 MB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 8 - Forks: 1

darkquasar/purplerepo
🛡️⚔️ Curated GitHub repos for Defensive & Offensive Cyber Tradecraft
Language: TypeScript - Size: 17.4 MB - Last synced at: 30 days ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 2

jason-p-nguyen/threat-hunting-projects
🕵️♂️ Hands-on threat hunting projects using Sentinel, MDE, and KQL. Includes queries, visualizations, and step-by-step analysis of suspicious activity.
Language: PowerShell - Size: 33.7 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

NwosuOnyinyeSusan/Incident-response-playbooks
Incident Response Playbooks for common cyber threats including malware, ransomware, phishing, and DDoS attacks. Structured actionable guides for effective security operations and response.
Size: 1.31 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

tymyrddin/blue
Blue team
Language: CSS - Size: 112 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

YASHWANTgs/SOC-Ticketing-workflow-Jira-ServiceNow
Simulated SOC ticketing workflow using Jira and ServiceNow for phishing, malware, and login alert investigations.
Size: 2.11 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

Samuelade24/Cybersecurity_portfolio
This cybersecurity portfolio showcases Samuel's expertise in various security domains, including web application security and network security. His projects and reports demonstrate his skills as a penetration tester and security researcher.
Size: 2.46 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

Richard-Johnson-Links/cybersecurity-blue-team-journey
Language: Python - Size: 30.3 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

gbrigandi/mcp-server-wazuh
MCP Server for Wazuh SIEM
Language: Rust - Size: 663 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 71 - Forks: 19

jeffersonmwatati/jeffersonmwatati
This repository serves as my personal portfolio (Mr. Jefferson Mwatati), a Lecturer specializing in Cybersecurity and Data Analytics. It showcases my professional background, areas of expertise, and interests in integrating cybersecurity measures with data analytics to enhance business processes and security.
Size: 278 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

alaamjadi/TryHackMe-Workspace
A portfolio of completed rooms, challenges, and CTFs from TryHackMe.com, showcasing hands-on experience with real-world cybersecurity scenarios — from hacking machines to investigating attacks. This collection highlights my practical skills across diverse technologies, reflecting my growth and learning through various cybersecurity learning paths.
Size: 151 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

josamontiel/calderaVM-deployment
A walkthrough deploying Caldera on an Azure VM for SOC training
Size: 1.95 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

SriBalaji2112/Advanced-Techniques-for-Detecting-Anomalies-in-EDR-Logs-for-Cybersecurity-SOC-Analytics
This project focuses on building an AI-driven anomaly detection framework that uses the Isolation Forest algorithm to identify suspicious events in unstructured system log data.
Language: Python - Size: 10.6 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

GoogleCloudPlatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Language: Python - Size: 965 KB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 342 - Forks: 71

satan1a/TheRoadOfSO
Notes from learning security operations | The knowledge base of security operations
Language: HTML - Size: 21.8 MB - Last synced at: 4 months ago - Pushed at: about 2 years ago - Stars: 793 - Forks: 175

helenscun/mitre-attack-threat-mapper
A comprehensive Python tool that maps malware to MITRE ATT&CK techniques, generates threat intelligence reports, and creates custom red team playbooks. This application fetches the latest MITRE ATT&CK framework data, identifies techniques associated with specific malware, visualizes attack patterns, and provides actionable security recommendations.
Language: Python - Size: 0 Bytes - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

rfc391/SentinelOps
SentinelOps is a modular platform designed for managing high-security operations. It supports real-time data analysis, threat assessment, and incident response, making it ideal for sensitive or mission-critical environments.
Language: Python - Size: 147 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

GrizonRussell/SOC-Security-Log-Analyzer
SOC Security Log Analyzer: AI-powered threat detection for security professionals.
Language: Python - Size: 12.7 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

NVISOsecurity/ee-outliers 📦
Open-source framework to detect outliers in Elasticsearch events
Language: Python - Size: 3.92 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 209 - Forks: 33

iam-niranjan/SOC-Security-Log-Analyzer
SOC Security Log Analyzer: AI-powered threat detection for security professionals.
Language: Python - Size: 12.7 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

aymenmarjan/MISP-Wazuh-Integration
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
Size: 3.54 MB - Last synced at: 5 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

hydecelestia7/Automated-SOC
This repository provides a comprehensive guide to setting up an Automated Security Operations Center (SOC) using open-source tools like Wazuh, TheHive, and Shuffle.
Size: 40 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

Micahs0Day/micahs0day.github.io
Micah's 0-Day - Cybersecurity Blog
Language: SCSS - Size: 26.3 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

austinsonger/Interviewing
Interviewing Help for Information Security Jobs (With Answers)
Size: 518 KB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 6 - Forks: 2

NP558565/ISC2-CC-Cybersecurity-Study-Material
My learning, tutorials on Cybersecurity
Language: HTML - Size: 42.2 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 46 - Forks: 16

H3llKa1ser/SOC-Assistant-Guide
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
Size: 182 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 9 - Forks: 2

alexfrancow/iSOC
:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
Language: Jupyter Notebook - Size: 117 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 19 - Forks: 11

ptamar/Mentoriot
A comprehensive cybersecurity project focusing on the implementation and analysis of SIEM systems and SOC operations. Includes practical applications of security techniques and vulnerability assessments.
Size: 5.13 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

SHolzhauer/elastic-tip
Elastic TIP is a Python tool which automates the process of aggregating threat intelligence, normalising it into a common format, and ingesting it into Elasticsearch, with the main goal of being used by the Security solution.
Language: Python - Size: 67.4 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 27 - Forks: 5

sparksis/sops Fork of getsops/sops
Simple and flexible tool for managing secrets
Language: Go - Size: 138 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

PauldeLove/finalproject_CIP
This is my Stanford University Code in Place final project code. It is a visualization of part of the operations data. The code is written in Python.
Language: Jupyter Notebook - Size: 619 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

databricks-industry-solutions/incident-investigation-using-graphistry
Visual analytics using Databricks & Graphistry for cybersecurity investigations
Language: Python - Size: 90.8 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 5

gerardokaztro/cybersecurity-entry-level
A course for learning cybersecurity from scratch, in Spanish and 100% free. It covers 5 fundamental domains you need to know to take your first steps in this fascinating world.
Size: 17.6 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 102 - Forks: 8

Kirtar22/Litmus_Test
Detecting ATT&CK techniques & tactics for Linux
Language: Roff - Size: 380 KB - Last synced at: over 1 year ago - Pushed at: almost 5 years ago - Stars: 251 - Forks: 56

w8mej/neurostorm_hub
This is your guide to the AI Tier 1/2/3 SOC, your grimoire of spells and wards against the digital nasties.
Language: Jupyter Notebook - Size: 12.1 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

w8mej/TireFire
A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations.
Language: Python - Size: 14.6 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 4 - Forks: 2

Chinuaoku/ISC2-Certified-in-Cybersecurity
This is a cybersecurity certification that proves that an individual has the fundamental knowledge, skills, and ability for an entry-level or junior-level cybersecurity role. It is ANAB accredited under the ISO/IEC 17024 standard.
Size: 966 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

gabrielcurrie/conference-talks
Hosting slides for conference talks I've delivered.
Size: 921 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0

Balzu/Security-Events-Explorer
A user-friendly and powerful tool to analyze Windows Security Events
Language: JavaScript - Size: 6.02 MB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 0

0xThiebaut/dnsbeat 📦
An Elasticsearch Beat to monitor DNS zones through customizable zone transfers.
Language: Go - Size: 54 MB - Last synced at: 7 days ago - Pushed at: over 5 years ago - Stars: 13 - Forks: 4

ControlCompass/ControlCompass.github.io
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Language: JavaScript - Size: 2.78 MB - Last synced at: over 2 years ago - Pushed at: almost 3 years ago - Stars: 91 - Forks: 20

egrzeszczak/open-source-soc-docker-compose
Security Operations Center stack via docker-compose using only open source solutions
Language: Shell - Size: 176 KB - Last synced at: over 2 years ago - Pushed at: almost 3 years ago - Stars: 3 - Forks: 0

austinsonger/Intel-Hash
Takes an onion URL, hashes it, and compares it against blacklisted hashed onion URLs.
Language: Python - Size: 3.11 MB - Last synced at: 6 months ago - Pushed at: over 4 years ago - Stars: 1 - Forks: 0
