Open Source Security Operations Center Documentation
☆209 · Jun 30, 2025 · Updated 8 months ago
Alternatives and similar repositories for ossocdocs
Users that are interested in ossocdocs are comparing it to the libraries listed below
- This Repository consists of all Public Cheatsheets created by BlackPerl DFIR Content Team · ☆20 · Oct 9, 2024 · Updated last year
- ☆96 · Jan 7, 2026 · Updated last month
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … · ☆432 · Feb 18, 2026 · Updated 2 weeks ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough · ☆11 · Feb 3, 2022 · Updated 4 years ago
- Detection Engineering research, open-source tools, conference presentations, and technical publications shared with the security communit… · ☆28 · Dec 17, 2025 · Updated 2 months ago
- Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups … · ☆43 · Updated this week
- OXA - Open XDR architecture · ☆12 · Apr 1, 2025 · Updated 11 months ago
- This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools. · ☆107 · Jan 27, 2026 · Updated last month
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration… · ☆17 · May 11, 2025 · Updated 9 months ago
- Training and support materials for MSTICPy · ☆18 · Jun 27, 2023 · Updated 2 years ago
- My Notes from Hugging Face AI Agents Course · ☆20 · Feb 18, 2025 · Updated last year
- Automatically exported from code.google.com/p/checkout4mac · ☆13 · Oct 24, 2016 · Updated 9 years ago
- My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documentin… · ☆60 · Feb 27, 2026 · Updated last week
- Continuous Threat Exposure Management Maturity Model (CTEMMM) · ☆29 · Feb 6, 2026 · Updated last month
- Really can protect from ransomware encryption? · ☆47 · May 21, 2024 · Updated last year
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… · ☆29 · Aug 4, 2025 · Updated 7 months ago
- A collection of sources of documentation, as well as field best practices, to build/run a SOC · ☆1,635 · Feb 23, 2026 · Updated last week
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… · ☆4,492 · Jan 12, 2026 · Updated last month
- A series of PowerShell scripts to automate the assessment of Azure IaaS security · ☆21 · Feb 18, 2026 · Updated 2 weeks ago
- Awesome Security lists for SOC/CERT/CTI · ☆1,263 · Updated this week
- PowerShell tools to help defenders hunt smarter, hunt harder. · ☆473 · Oct 29, 2025 · Updated 4 months ago
- All binaries file of the PracticalMalwareAnalysis-Labs copied from internet · ☆47 · Aug 30, 2017 · Updated 8 years ago
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou… · ☆28 · Jun 19, 2024 · Updated last year
- DFIQ is a collection of investigative questions and the approaches for answering them · ☆300 · Jan 17, 2025 · Updated last year
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… · ☆56 · Dec 18, 2023 · Updated 2 years ago
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging… · ☆42 · Oct 10, 2024 · Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… · ☆277 · Dec 20, 2025 · Updated 2 months ago
- Main Sigma Rule Repository · ☆10,156 · Updated this week
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc… · ☆29 · Jun 22, 2022 · Updated 3 years ago
- A preconfigured Velociraptor triage collector · ☆76 · Feb 16, 2026 · Updated 2 weeks ago
- Useful resources for SOC Analyst and SOC Analyst candidates. · ☆891 · Aug 28, 2023 · Updated 2 years ago
- Some HTB, THM, CTF, Penetration Testing, cyber security related resource and writeups · ☆25 · May 21, 2025 · Updated 9 months ago
- ☆141 · Sep 9, 2025 · Updated 5 months ago
- Playbooks for SOC Analysts · ☆681 · Dec 11, 2022 · Updated 3 years ago
- ResearchDev - XDR & SIEM Detection · ☆67 · Apr 16, 2025 · Updated 10 months ago
- gRPC Goat is a "Vulnerable by Design" lab created to provide an interactive, hands-on playground for learning and practicing gRPC securit… · ☆51 · Sep 22, 2025 · Updated 5 months ago
- Playground for Race Condition attack · ☆24 · Mar 18, 2023 · Updated 2 years ago
- Sample configuration to include as an Asterisk configuration to supplement automated caller ID spoofing capabilities. · ☆27 · Sep 20, 2020 · Updated 5 years ago
- Elevate your Security Operations Center's efficiency with Howler, the cutting-edge alert triage platform tailored for today's SOC demands… · ☆44 · Feb 27, 2026 · Updated last week