Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
☆53Feb 14, 2026Updated 2 months ago
Alternatives and similar repositories for awesome-soc-analyst
Users that are interested in awesome-soc-analyst are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆159Mar 23, 2026Updated 3 weeks ago
- MISP to Microsoft Defender integration☆17Feb 24, 2026Updated last month
- IP Sweeper Script is a script that will ping all the IP addresses in the given range and filter out the IPs that responded. This script i…☆18Nov 8, 2024Updated last year
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 6 months ago
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc…☆29Jun 22, 2022Updated 3 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- ☆12Oct 15, 2024Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆287Mar 20, 2025Updated last year
- ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.☆247Updated this week
- pySigma Splunk backend☆42Mar 22, 2026Updated 3 weeks ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- ☆16Jul 8, 2024Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- ☆11Jun 4, 2025Updated 10 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆54Apr 22, 2025Updated 11 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Feb 26, 2026Updated last month
- GitHub landing page repo☆12Feb 18, 2026Updated 2 months ago
- This is the code repository for the course, TypeScript: Modern Javascript Development, published by Packt☆16Jan 30, 2023Updated 3 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles☆18Mar 21, 2025Updated last year
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 5 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆44Sep 12, 2024Updated last year
- Website searcher for SEO comparisons / OSINT☆11Oct 13, 2019Updated 6 years ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated last year
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆36Mar 24, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IO…☆105Updated this week
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …☆74Feb 17, 2026Updated 2 months ago
- Block ads and malicious domains with response policy zones☆12Jun 10, 2020Updated 5 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆88Mar 11, 2026Updated last month
- A simple webapp to visualise TOML☆10Nov 29, 2023Updated 2 years ago
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations☆17Aug 30, 2025Updated 7 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…☆45Jun 28, 2025Updated 9 months ago
- ☆63Mar 29, 2026Updated 3 weeks ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- HECTOR��☆20Mar 3, 2017Updated 9 years ago
- ☆11Mar 9, 2018Updated 8 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆130Apr 6, 2024Updated 2 years ago
- Resources for Cyber Security☆11Oct 30, 2018Updated 7 years ago
- ☆16Mar 19, 2026Updated last month
- Here you find the complete list of enrichments and extractionsfor Ubikron.☆37Mar 6, 2026Updated last month
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated 2 months ago