Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
☆57 · Feb 14, 2026 · Updated 3 months ago
Alternatives and similar repositories for awesome-soc-analyst
Users that are interested in awesome-soc-analyst are comparing it to the libraries listed below.
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… · ☆163 · May 15, 2026 · Updated 2 weeks ago
- MISP to Microsoft Defender integration · ☆17 · Feb 24, 2026 · Updated 3 months ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool. · ☆29 · Sep 29, 2025 · Updated 8 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… · ☆291 · Mar 20, 2025 · Updated last year
- ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy. · ☆280 · May 22, 2026 · Updated last week
- Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts—perfect for exam pr… · ☆125 · Feb 26, 2026 · Updated 3 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… · ☆10 · Dec 22, 2023 · Updated 2 years ago
- ☆16 · Jul 8, 2024 · Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. · ☆54 · Oct 23, 2024 · Updated last year
- pySigma Splunk backend · ☆43 · Mar 22, 2026 · Updated 2 months ago
- ☆12 · Jun 4, 2025 · Updated 11 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. · ☆54 · Apr 22, 2025 · Updated last year
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools · ☆16 · Feb 26, 2026 · Updated 3 months ago
- A Compiler from Sigma rules to VQL · ☆19 · May 18, 2026 · Updated last week
- GitHub landing page repo · ☆12 · May 14, 2026 · Updated 2 weeks ago
- This is the code repository for the course, TypeScript: Modern Javascript Development, published by Packt · ☆16 · Jan 30, 2023 · Updated 3 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles · ☆18 · Mar 21, 2025 · Updated last year
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR · ☆17 · Nov 7, 2025 · Updated 6 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques. · ☆45 · Sep 12, 2024 · Updated last year
- Service to convert nfcapd files to ClickHouse as they are created · ☆10 · Mar 22, 2025 · Updated last year
- Jupyter Universe is a search engine for all infosec Jupyter notebooks · ☆37 · Mar 24, 2025 · Updated last year
- Block ads and malicious domains with response policy zones · ☆12 · Jun 10, 2020 · Updated 5 years ago
- Hundred Days of Yara Challenge · ☆12 · Jun 21, 2022 · Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction · ☆89 · Mar 11, 2026 · Updated 2 months ago
- Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IO… · ☆109 · Apr 13, 2026 · Updated last month
- This repository contains a mindmap for different techniques for using Censys Search · ☆15 · Sep 17, 2025 · Updated 8 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… · ☆45 · Jun 28, 2025 · Updated 11 months ago
- HECTOR · ☆20 · Mar 3, 2017 · Updated 9 years ago
- ☆11 · Mar 9, 2018 · Updated 8 years ago
- Here you find the complete list of enrichments and extractions for Ubikron. · ☆38 · Mar 6, 2026 · Updated 2 months ago
- ☆16 · Mar 19, 2026 · Updated 2 months ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… · ☆17 · Feb 13, 2025 · Updated last year
- A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities. · ☆22 · May 22, 2026 · Updated last week
- ☆71 · May 19, 2026 · Updated last week
- Static file analysis for PE files · ☆13 · Dec 4, 2020 · Updated 5 years ago
- Using MCP is fun with Cyberbro! · ☆19 · Apr 25, 2026 · Updated last month
- A JavaScript library to convert Outlook *.msg files to *.eml · ☆11 · Jun 27, 2024 · Updated last year
- Scripts for ready-to-use Velociraptor instance deployment in Azure · ☆14 · Jun 27, 2023 · Updated 2 years ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners. · ☆312 · May 14, 2026 · Updated 2 weeks ago