An open API service providing repository metadata for many open source software ecosystems.

Topic: "security-operations-center"

utmstack/UTMStack

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

Language: TypeScript - Size: 192 MB - Last synced at: 5 days ago - Pushed at: 7 days ago - Stars: 515 - Forks: 71

MaheshShukla1/SOC-Analyst-Notes

Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam prep and skill-building in blue team operations.

Size: 985 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 60 - Forks: 12

quitehacker/MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC

The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.

Size: 8.2 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 30 - Forks: 2

inthecyber-group/securityonion-n8n-workflows

Threat Intelligence Analysis workflows built with n8n and integrated in SecurityOnion

Size: 59.6 KB - Last synced at: 10 months ago - Pushed at: over 1 year ago - Stars: 12 - Forks: 4

MrM8BRH/Defensive-Security-Hub

A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.

Size: 4.04 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 9 - Forks: 1

awais922609/Lets-Defend-Solutions

The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 months ago. These answers can be used by others who want to learn and practice their skills in cybersecurity.

Size: 6.84 KB - Last synced at: 9 months ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 3

MrezaDorudian/HunterBee

A log-based Threat Hunting tool

Language: Python - Size: 563 KB - Last synced at: almost 3 years ago - Pushed at: about 3 years ago - Stars: 5 - Forks: 0

MichalSoltysikSOC/SOC-lab-tools

A set of Windows tools designed for SOC labs and controlled test environments providing automated TLS key logging setup for web encrypted traffic analysis and enabling or disabling of 16 Windows Defender components (9 functional protection components and 7 services/drivers) to support malware research, detection engineering, and Blue Team training.

Size: 3.45 MB - Last synced at: about 17 hours ago - Pushed at: 5 days ago - Stars: 3 - Forks: 0

texasbe2trill/AlertSage

An NLP system for classifying cybersecurity incident descriptions into meaningful event types. Designed to mirror early SOC triage, it transforms unstructured analyst text into structured labels using synthetic SOC-style data, MITRE-aligned patterns, and an uncertainty-aware prediction pipeline.

Language: Jupyter Notebook - Size: 22.5 MB - Last synced at: 5 days ago - Pushed at: 8 days ago - Stars: 3 - Forks: 2

NONAN23x/SoC-Home-Lab

Yet another SoC Lab

Language: Python - Size: 897 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 2 - Forks: 0

hyphennR/Document_SOC_Home_Lab

This repository holds complete step-by-step documentation of the creation of a Security Operations Center (SOC) home lab.

Size: 5.2 MB - Last synced at: 21 days ago - Pushed at: 10 months ago - Stars: 2 - Forks: 0

MaheshShukla1/Python-SOC-Security-notes

PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.

Size: 26.4 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0

penxpkj/Defensive-Security-Hub

Defensive Security Hub: A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and enhance your skills. 🌐🔒

Size: 25.4 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 1 - Forks: 0

Cyberfortress-Labs/Cyberfortress-SmartXDR-Core

CyberFortress-SmartXDR-Core provides the central AI-driven intelligence layer for the CyberFortress Intelligent SOC Ecosystem. It delivers alert triage, IOC enrichment, MITRE mapping, and automated response logic through a unified Flask-based AI gateway.

Language: Python - Size: 14.5 MB - Last synced at: 12 days ago - Pushed at: 14 days ago - Stars: 1 - Forks: 0

Cyberfortress-Labs/Cyberfortress-Intelligent-SOC-Ecosystem

An Intelligent SOC Ecosystem that integrates SIEM, SOAR, and SmartXDR to enhance monitoring, detection, and response to cyber attacks. SmartXDR combines OpenXDR tools (Wazuh, Suricata, Zeek, pfSense,…) with AI/ML to reduce false positives, prioritize critical threats, and accelerate incident response, ensuring a more adaptive and effective SOC.

Size: 20.5 KB - Last synced at: 13 days ago - Pushed at: 15 days ago - Stars: 1 - Forks: 0

duncarobertdenis/SOC-in-a-Box

Security Operations Center: pfSense firewall, Security Onion IDS/IPS, Splunk SIEM, Wazuh EDR — multi-layered threat monitoring and incident response

Size: 4.17 MB - Last synced at: 21 days ago - Pushed at: 23 days ago - Stars: 1 - Forks: 0

RidwanHaque/CyberSecurityLab-SOC-Honeynet-on-Azure

Utilizing Azure/AWS/GCS and implementing cybersecurity and networking principles

Size: 505 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 1 - Forks: 0

mortuja001/Splunk_UF

A complete solution to monitor and manage Splunk Universal Forwarder deployments in an on-premises SOC environment. This project includes a UF auto-installation script, a custom Splunk dashboard to track forwarder heartbeat, log ingestion delays, and deployment server check-ins. Also includes an optional REST API script for automated health checks.

Language: Shell - Size: 49.8 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

mortuja001/splunk-brute-force-detector

A Splunk-based detection and alerting system to identify brute-force attacks and login abuse across Linux SSH, Windows systems, web applications, and known malicious user-agents. Includes dashboards, alerts, saved searches, macros, and Slack/email notifications.

Language: Python - Size: 23.4 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

wehr-to/SOC-Operations-Lab

A curated set of labs, categorized into three difficulty tiers in preparation for HTB and TryHackMe's SOC certifications

Size: 49.8 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 1 - Forks: 0

Cipherkrish69x/SOC-Analyst-Project

A comprehensive SOC Analyst project that includes detection rules, attack simulations, automated responses, and SIEM configuration.

Language: Shell - Size: 75.2 KB - Last synced at: 7 months ago - Pushed at: 8 months ago - Stars: 1 - Forks: 0

ImdadMiran17/SOC-Home-Lab-Setup

This repository showcases how I configured a SOC home lab using VirtualBox, deploying a Windows Server host and a Linux host to forward Sysmon logs via Splunk Universal Forwarder to a Splunk server. Integrated Atomic Red Team to simulate attack scenarios, generating logs for monitoring and analysis in Splunk for threat detection.

Size: 1.8 MB - Last synced at: 2 months ago - Pushed at: 10 months ago - Stars: 1 - Forks: 0

matt-snyder-stuff/Security-Maturity-Tracking

The Security Maturity Project Tracking Matrix helps organizations evaluate and enhance their security capabilities across multiple domains. It provides a structured framework to track progress, streamline processes, and achieve security maturity goals effectively.

Size: 833 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

phrp720/soc-toolkit

Open Source S.O.C.

Language: Shell - Size: 4.7 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

awais922609/Cyber-Security-Interview-Question-Answers

Welcome to the Cybersecurity Questions and Answers Repository! This project aims to create a comprehensive collection of questions and answers related to various cybersecurity topics. Whether you’re a beginner looking to learn or a seasoned professional wanting to share your knowledge, this repo is the perfect place for you.

Size: 233 KB - Last synced at: 9 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

fushyShifa/SOC-Module

A collection of sources of documentation, as well as field best practices, to build/run a SOC

Size: 20.3 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

AlfonsoJohn/Azure-HoneyNet-SOC

Implemented a miniature HoneyNet on Azure, integrating log sources from diverse resources into a Log Analytics workspace.

Language: PowerShell - Size: 66.4 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

0xbythesecond/Azure-SOC-Honeynet-Project

Built a mini HoneyNet in Azure and ingested log sources from various resources into a Log Analytics workspace

Size: 4.01 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

ooaikomo/SOC-Threat-Detection-Segmented-Network

Hands-on SOC lab demonstrating threat detection, log correlation, and incident response in a segmented enterprise network using SIEM and network monitoring.

Size: 12.7 KB - Last synced at: 7 days ago - Pushed at: 9 days ago - Stars: 0 - Forks: 0

ronnakrit303/SOC-Incident-SSH-Bruteforce

SOC Incident Report: SSH brute-force credential compromise case study with log analysis, MITRE ATT&CK mapping, and incident response documentation.

Size: 1.37 MB - Last synced at: 10 days ago - Pushed at: 11 days ago - Stars: 0 - Forks: 0

icdfa/soc-training-program

Certified SOC Analyst (CSA) Program - A comprehensive 6-month, hands-on Security Operations Center training curriculum. Developed by Aminu Idris, AMCPN | International Cybersecurity and Digital Forensics Academy (ICDFA)

Language: Python - Size: 44.5 MB - Last synced at: 12 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

fpeakman/Useful-Cyber-Resources

A list of free or open source tools or resources that have proven useful over the years.

Size: 252 KB - Last synced at: 13 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

AdliXSec/portfolio-project-soc

Integrate a SOC into a portfolio website by monitoring user logs and adding a few mini-SOC features

Language: CSS - Size: 34.9 MB - Last synced at: 17 days ago - Pushed at: 20 days ago - Stars: 0 - Forks: 0

aicit6l/aicit6l

Size: 13.7 KB - Last synced at: 19 days ago - Pushed at: 23 days ago - Stars: 0 - Forks: 0

psyklopp/Dezible-com

🌀 Making a SIEM from scratch!

Language: CSS - Size: 22.3 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

texasbe2trill/nlp-driven-incident-triage

This project builds an end-to-end Natural Language Processing (NLP) system for classifying cybersecurity incident descriptions into meaningful event categories. The goal is to model the early triage workflow found in Security Operations Centers (SOCs) by converting unstructured analyst text into structured, actionable labels.

Language: Jupyter Notebook - Size: 59.4 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

RykerWilder/siem-ekf Fork of johnnypax/siem-light-ekf-yt

Simple example of SIEM tool operation.

Language: Shell - Size: 179 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

G3rges2025/SecureBox-SOC

Lightweight Python-powered SOC for real-time threat detection, alert visualization, and automated IP blocking — complete with GeoIP mapping and Streamlit dashboard.

Language: Python - Size: 44.9 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

azeddine-hmd/mini-soc

SOC Wazuh Platform

Language: Shell - Size: 1.17 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

whodinner/0-incident

0-incident is a SOC for cybersecurity.

Language: Python - Size: 16.6 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

qexa/pisoc-dashboard

Web-based management dashboard for PiSOC, a cybersecurity lab built on the Raspberry Pi. The dashboard allows security professionals and students to manage and interact with various security tools, including ELK Stack SIEM, Suricata IDS, Cowrie honeypot, and packet capture capabilities.

Size: 4.88 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

KarmaResistance/SOC-Home-Lab-Malware-Analysis

How to create a basic SOC home lab and analyze malware.

Size: 24.2 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

Samuelade24/Cybersecurity_portfolio

This cybersecurity portfolio showcases Samuel's expertise in various security domains, including web application security and network security. His projects and reports demonstrate his skills as a penetration tester and security researcher.

Size: 2.46 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

laurimar22/-Ultimate-Cybersecurity-Roadmap

Master cybersecurity with the Ultimate Cybersecurity Roadmap. From basics to advanced skills, this guide helps you build a successful career. 🛡️💻

Size: 2.93 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

suuhm/phat

Graphical PowerShell application designed to help investigators, security analysts, and IT professionals examine email headers for signs of phishing or spoofing. The tool parses headers from .eml and .msg files, highlights important fields, and provides insights into SPF, DKIM, and DMARC results.

Language: PowerShell - Size: 4.04 MB - Last synced at: 12 days ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

progamer2016/llminspect-gateway

LLMInspect AI Gateway is a cutting-edge platform to protect businesses from GenAI threats

Size: 1000 Bytes - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

eunomatix/llminspect-gateway

LLMInspect AI Gateway is a cutting-edge platform to protect businesses from GenAI threats

Size: 3.06 MB - Last synced at: 6 months ago - Pushed at: 12 months ago - Stars: 0 - Forks: 0

3rc0/SOCIraq

Security Operations Center in Iraq

Size: 20.5 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

MegaByteKnight/SOC-with-Azure-and-Sentinel-Project

Building a SOC with Azure and Microsoft Sentinel

Size: 109 KB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

leitosama/ansible-solar-battle

A set of Ansible playbooks for competitions by SOLAR

Language: Jinja - Size: 27.3 KB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

uruc/SOC-Automation-Lab

This project automates Security Operations Center (SOC) workflows using Wazuh, Shuffle, and TheHive. It includes setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, with deployments on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.

Size: 6.77 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

hxctr/SISAP-IRSI-FINALPROJECT-CYBERSECURITY

Security Operations Center (SOC) E-Learning Platform: Final cybersecurity project created to graduate from the cybersecurity specialization program by SISAP-IRSI. This platform offers courses, simulations, and challenges to enhance skills in threat detection and response

Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

amir-morshedizadeh/zone-H-checker

It checks "www.zone-h.org/archive" and looks for your domains; if any of your assets are found in the list, it sends the corresponding log entry to your Telegram or Bale group.

Language: Python - Size: 30.3 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 1