Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
-
Updated
Apr 13, 2026
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
Authorized web application security testing platform built with Django, React, Celery, and Redis.
ShadowWall AI is a cutting-edge, enterprise-grade cybersecurity platform that employs artificial intelligence, machine learning, and advanced deception techniques to provide comprehensive protection against sophisticated cyber threats. Designed for security professionals, SOC teams, and organizations requiring proactive threat defense.
A lightweight SOC-focused threat intelligence platform built with Python & Flask. Manage, search, and export IOCs (IPs, domains, file hashes) with live AbuseIPDB enrichment and an interactive dashboard.
Sigma-format SAST detection rules for Active Directory attack techniques — CLAUDE 94 rules across 14 categories, mapped to MITRE ATT&CK v14 | For blue teams, SOC analysts and purple team exercises
Wazuh SIEM SOC Analyst Training Manual WITH THINGS A NEWBIE MUST KNOW BEFORE USING THE WAZUH.
This portfolio focuses on my abilities how to deal with Tryhackme challenges / labs, which contain a full bunch of important programs and frameworks used in real life scenarios.
Automated Python script that parses Linux auth logs to detect SSH brute force attacks and generate incident reports
Hey 👋, This Lab was made by Riad Moudjahed, a friendly malware analysis lab. "README" contains everything you need.
Documentation of my 3-month Cyberster Blue Team internship — covering SOC operations, SIEM lab setup (VirtualBox, Wazuh), network traffic analysis, detection rules, and incident response, building toward a Blue Team / SOC Analyst role."
SOC Analyst IR Playbooks: Ransomware, Phishing, Brute Force, Malware, Data Exfiltration
Credentialed Nessus vulnerability assessment on a Windows 11 VM, with evidence screenshots, severity analysis, Graylog dashboard visualization, and a remediation plan. Demonstrates the full vulnerability management lifecycle from discovery to prioritization.
Automated job search engine for remote, entry-level roles in cybersecurity, IT support, SOC analysis, and data labeling, scrapes 10+ job boards, filters by seniority and location eligibility, scores listings, and generates AI-tailored resumes via a local dashboard
A comprehensive technical audit and penetration testing lab focused on SSH exploitation, MITRE ATT&CK mapping, and Linux forensic log analysis.
Python-based automated incident response framework ( Phishing analysis, Threat intel enrichment, IR playbooks, Vulnerability reporting, and NIST CSF compliance tracking.)
Incident Response case study focused on network packet dissection, cleartext credential harvesting, and TLS 1.3 encrypted session analysis.
🛡️ All-in-One IOC Lookup & Extraction Tool - 28 Threat Intel Sources
DexSentinel is a high-performance, real-time threat intelligence aggregator designed to provide global visibility into attack surface pressure. It correlates live telemetry with public OSINT feeds to offer a unified dashboard for security researchers and SOC analysts.
Threat intelligence and incident response monitoring using Splunk SIEM and security event analysis
Add a description, image, and links to the socanalyst topic page so that developers can more easily learn about it.
To associate your repository with the socanalyst topic, visit your repo's landing page and select "manage topics."