This is a project designed for security analysts and all SOC audiences who want to experiment with implementation and explore modern SOC architecture.
(☆721, Sep 23, 2024, updated last year)
Alternatives and similar repositories for SOC-OpenSource
Users that are interested in SOC-OpenSource are comparing it to the libraries listed below
- A collection of sources of documentation, as well as field best practices, to build/run a SOC (☆1,635, Feb 23, 2026, updated last week)
- This repository gives the best possible strategies for hunting ransomware (☆26, Aug 23, 2022, updated 3 years ago)
- Collaborative Incident Response platform (☆1,429, Feb 16, 2026, updated 2 weeks ago)
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. (☆2,208, updated this week)
- Cortex: a Powerful Observable Analysis and Active Response Engine (☆1,552, Nov 26, 2025, updated 3 months ago)
- Detect Tactics, Techniques & Combat Threats (☆2,264, Jan 21, 2026, updated last month)
- ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️ (☆4,517, Jan 5, 2026, updated 2 months ago)
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] (☆1,544, Jul 28, 2024, updated last year)
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… (☆2,452, updated this week)
- A knowledge base of actionable Incident Response techniques (☆662, May 31, 2022, updated 3 years ago)
- Repository resource for threat hunters (☆158, Sep 14, 2018, updated 7 years ago)
- DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk. (☆573, Dec 12, 2021, updated 4 years ago)
- Sysmon event simulation utility which can be used to simulate attacks to generate Sysmon event logs for testing EDR detection… (☆864, Jan 20, 2022, updated 4 years ago)
- Collection of Event ID resources useful for Digital Forensics and Incident Response (☆644, Jun 19, 2024, updated last year)
- A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365 (☆790, Oct 29, 2022, updated 3 years ago)
- This project is a SIEM with SIRP and Threat Intel, all in one. (☆461, Nov 20, 2024, updated last year)
- A powerful and user-friendly browser extension that streamlines investigations for security professionals. (☆415, May 13, 2025, updated 9 months ago)
- Docker configurations for TheHive, Cortex and 3rd party tools (☆129, Jan 9, 2023, updated 3 years ago)
- (no description) (☆2,513, updated this week)
- This repository contains all public cheatsheets created by the BlackPerl DFIR Content Team (☆20, Oct 9, 2024, updated last year)
- Incident Response Methodologies 2022 (☆1,104, Apr 11, 2025, updated 10 months ago)
- Automate the creation of a lab environment complete with security tooling and logging best practices (☆4,908, Jul 6, 2024, updated last year)
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… (☆4,492, Jan 12, 2026, updated last month)
- Documentation and scripts to properly enable Windows event logs. (☆672, Oct 3, 2025, updated 5 months ago)
- Main Sigma Rule Repository (☆10,156, updated this week)
- Re-play Security Events (☆1,725, Mar 20, 2024, updated last year)
- Playbooks for SOC Analysts (☆681, Dec 11, 2022, updated 3 years ago)
- This module installs and configures MISP (Malware Information Sharing Platform) (☆14, Dec 29, 2025, updated 2 months ago)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,642, Feb 27, 2026, updated last week)
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh… (☆3,547, Jan 20, 2026, updated last month)
- This repo is about Active Directory Advanced Threat Hunting (☆648, Feb 17, 2025, updated last year)
- Security event correlation engine for the ELK stack (☆447, Jun 26, 2024, updated last year)
- Small and highly portable detection tests based on MITRE's ATT&CK. (☆11,632, updated this week)
- Tools and Techniques for Blue Team / Incident Response (☆3,944, Mar 27, 2025, updated 11 months ago)
- Digging Deeper.... (☆3,784, Feb 28, 2026, updated last week)
- A repository of my own Sigma detection rules. (☆163, Nov 25, 2025, updated 3 months ago)
- APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset to detect APT movements hidden in the … (☆1,402, Nov 7, 2024, updated last year)
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence (☆706, Apr 21, 2025, updated 10 months ago)
- IntelOwl: manage your Threat Intelligence at scale (☆4,481, updated this week)