Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
☆62 · Feb 14, 2026 · Updated 4 months ago
Alternatives and similar repositories for awesome-soc-analyst
Users that are interested in awesome-soc-analyst are comparing it to the libraries listed below.
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… ☆170 · Jun 10, 2026 · Updated 2 weeks ago
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc… ☆29 · Jun 22, 2022 · Updated 4 years ago
- ☆12 · Oct 15, 2024 · Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆291 · Mar 20, 2025 · Updated last year
- ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy. ☆308 · Updated this week
- Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam pr… ☆127 · Feb 26, 2026 · Updated 4 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- ☆16 · Jul 8, 2024 · Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆54 · Oct 23, 2024 · Updated last year
- pySigma Splunk backend ☆43 · Mar 22, 2026 · Updated 3 months ago
- ☆12 · Jun 4, 2025 · Updated last year
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆55 · Apr 22, 2025 · Updated last year
- A Compiler from Sigma rules to VQL ☆19 · May 18, 2026 · Updated last month
- GitHub landing page repo ☆12 · May 14, 2026 · Updated last month
- This is the code repository for the course, TypeScript: Modern Javascript Development, published by Packt ☆16 · Jan 30, 2023 · Updated 3 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles ☆18 · Mar 21, 2025 · Updated last year
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR ☆17 · Jun 9, 2026 · Updated 2 weeks ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques. ☆45 · Sep 12, 2024 · Updated last year
- service to convert nfcapd files clickhouse as they are created ☆10 · Mar 22, 2025 · Updated last year
- Block ads and malicious domains with response policy zones ☆12 · Jun 10, 2020 · Updated 6 years ago
- Hundred Days of Yara Challenge ☆12 · Jun 21, 2022 · Updated 4 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆92 · Mar 11, 2026 · Updated 3 months ago
- Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IO… ☆116 · Apr 13, 2026 · Updated 2 months ago
- This repository contains a mindmap for different techniques for using Censys Search ☆15 · Sep 17, 2025 · Updated 9 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… ☆45 · Jun 28, 2025 · Updated last year
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, … ☆87 · Updated this week
- HECTOR ☆20 · Mar 3, 2017 · Updated 9 years ago
- Here you find the complete list of enrichments and extractions for Ubikron. ☆38 · Mar 6, 2026 · Updated 3 months ago
- ☆11 · Mar 9, 2018 · Updated 8 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections ☆55 · Jan 28, 2026 · Updated 5 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆131 · Apr 6, 2024 · Updated 2 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… ☆18 · Feb 13, 2025 · Updated last year
- ☆76 · Jun 11, 2026 · Updated 2 weeks ago
- A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities. ☆23 · Updated this week
- Static file analysis for PE files ☆13 · Dec 4, 2020 · Updated 5 years ago
- A javascript library to convert Outlook *.msg files to *.eml ☆11 · Jun 27, 2024 · Updated 2 years ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners. ☆319 · May 14, 2026 · Updated last month
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets. ☆14 · May 22, 2024 · Updated 2 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. ☆55 · May 11, 2026 · Updated last month