daverstephens/The-SOC-Shop external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

daverstephens/The-SOC-Shop

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/daverstephens/The-SOC-Shop)

Close

daverstephens / The-SOC-ShopView on GitHubMore

• External links
• Readme badge

Repository of scripts/tools that may be useful in Security Operations Centres (SOC)

☆57Nov 25, 2020Updated 5 years ago

Alternatives and similar repositories for The-SOC-Shop

Users that are interested in The-SOC-Shop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• eCrimeLabs / MISP2CbR

  View on GitHub
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20May 25, 2022Updated 3 years ago
• PaloAltoNetworks / misp-to-autofocus

  View on GitHub
  Script for pulling events from a MISP database and converting them to Autofocus queries.
  ☆13Dec 28, 2015Updated 10 years ago
• Hestat / soc-threat-hunting

  View on GitHub
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Jul 27, 2020Updated 5 years ago
• egd-io / gone-phishing

  View on GitHub
  ☆19Jul 24, 2021Updated 4 years ago
• MISP / misp-graph

  View on GitHub
  A tool to convert MISP XML files (events and attributes) into graphs
  ☆20May 13, 2017Updated 8 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• cudeso / host-enrich

  View on GitHub
  Enrich a host with open source security information
  ☆27Oct 4, 2015Updated 10 years ago
• moshekaplan / awesome-SOC-appliances

  View on GitHub
  A curated list of FOSS software appliances for building a SOC
  ☆18Jan 11, 2021Updated 5 years ago
• Hacking-Lab / SecurityOperationsCenter

  View on GitHub
  Security Operation Center Lab
  ☆20Oct 8, 2024Updated last year
• frikky / WALKOFF

  View on GitHub
  A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t…
  ☆12Nov 23, 2022Updated 3 years ago
• maltelligence / maltelligence

  View on GitHub
  a Malware/Threat Analyst Desktop
  ☆89Aug 25, 2015Updated 10 years ago
• anl-cyberscience / FlexTransform

  View on GitHub
  Enables dynamic translation of structured data between formats
  ☆14Dec 14, 2018Updated 7 years ago
• iSIGHTPartners / macaroni_extension

  View on GitHub
  A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.
  ☆17Feb 8, 2015Updated 11 years ago
• daveherrald / scansio-sonar-splunk

  View on GitHub
  Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…
  ☆19Mar 16, 2026Updated last week
• slupers / ThreatIntel

  View on GitHub
  Website letting users query information from many different security threat intelligence APIs
  ☆26Sep 30, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ikoniaris / thug-vagrant

  View on GitHub
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Feb 26, 2015Updated 11 years ago
• Intevation / intelmq-fody

  View on GitHub
  Web interface to IntelMQ
  ☆10Sep 10, 2025Updated 6 months ago
• adulau / misp-osint-collection

  View on GitHub
  Collection of best practices to add OSINT into MISP and/or MISP communities
  ☆65Sep 29, 2023Updated 2 years ago
• csirtgadgets / csirtg-smrt-v1

  View on GitHub
  the fastest way to consume threat intelligence.
  ☆30Mar 9, 2023Updated 3 years ago
• 0xd34db33f / maltego-transforms

  View on GitHub
  Public Maltego Transforms
  ☆24May 24, 2017Updated 8 years ago
• PaloAltoNetworks / report_to_misp

  View on GitHub
  Parse a report and import the events into MISP
  ☆30Oct 19, 2015Updated 10 years ago
• gcrahay / otx_misp

  View on GitHub
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Sep 29, 2021Updated 4 years ago
• defensivedepth / Sysmon_OSSEC

  View on GitHub
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Jul 23, 2015Updated 10 years ago
• maysarax / SOC

  View on GitHub
  ☆20Aug 4, 2019Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• gitunique / cti-scripts

  View on GitHub
  Scripts for accessing and transforming cyber threat intelligence
  ☆26Nov 22, 2015Updated 10 years ago
• danielguerra69 / docker-moloch

  View on GitHub
  A Docker container for Moloch based on minimal Debian
  ☆13Jun 23, 2017Updated 8 years ago
• jmbmxer / CloudSoc

  View on GitHub
  Push-button Security Operations Center using Kubernetes
  ☆13Oct 19, 2016Updated 9 years ago
• jostuffl / AzureSentinel_Stuff

  View on GitHub
  A collection of things I've created or found that I think is useful for Azure Sentinel.
  ☆18Jan 28, 2026Updated last month
• EC-DIGIT-CSIRC / VirusTotal-Tools

  View on GitHub
  ☆37Feb 3, 2017Updated 9 years ago
• treyka / threaty_threatego

  View on GitHub
  Maltego entity pack encompassing the entire STIX 1.2 data model and a targeted subset of the CybOX 2.1 data model
  ☆11Mar 24, 2016Updated 10 years ago
• mohlcyber / MISP-MVISION-EDR

  View on GitHub
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Mar 14, 2022Updated 4 years ago
• S03D4-164 / Hiryu

  View on GitHub
  IOC Management and Visualization Tool
  ☆48Dec 8, 2022Updated 3 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• DefensePointSecurity / threat_note

  View on GitHub
  DPS' Lightweight Investigation Notebook
  ☆433Dec 31, 2023Updated 2 years ago
• frkncelik / Sigma-Rule

  View on GitHub
  You can access the sigma rules to detect malicious activities. It is organized by Mitre Att&ck categories.
  ☆13Feb 7, 2022Updated 4 years ago
• thugs-rumal / rumal

  View on GitHub
  Thug's Rumāl: a Thug's dress & weapon
  ☆37Jan 24, 2017Updated 9 years ago
• jipegit / IRNotes

  View on GitHub
  Some IR notes
  ☆73Jul 23, 2016Updated 9 years ago
• r3comp1le / VT-Hunter

  View on GitHub
  Manage VT Alerts
  ☆62Oct 4, 2016Updated 9 years ago
• MITRECND / WhoDat

  View on GitHub
  Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT)
  ☆159Sep 20, 2021Updated 4 years ago
• 0xd34db33f / gfyp

  View on GitHub
  Unification of dnstwist + SQLite + Email reporting. Set it as a cron job that runs every hour, give it a list of domains and email addres…
  ☆66Mar 6, 2018Updated 8 years ago