st0pp3r / awesome-soc-analyst
Online resources related to SOC Analysts: incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
☆35 · Jul 12, 2025 · Updated 7 months ago
Alternatives and similar repositories for awesome-soc-analyst
Users that are interested in awesome-soc-analyst are comparing it to the repositories listed below.
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… ☆146 · Updated this week
- MISP to Microsoft Defender integration ☆16 · Feb 6, 2026 · Updated last week
- Welcome to the hands-on resource hub for the Generative AI Development Environments Bootcamp. This repo is designed to help you explore d… ☆25 · Oct 22, 2025 · Updated 3 months ago
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc… ☆29 · Jun 22, 2022 · Updated 3 years ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool. ☆29 · Sep 29, 2025 · Updated 4 months ago
- Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity concepts; perfect for exam pr… ☆107 · Nov 10, 2025 · Updated 3 months ago
- 🛡️ SIGMA Detection Engineering Platform: a comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… ☆46 · Jun 28, 2025 · Updated 7 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆281 · Mar 20, 2025 · Updated 10 months ago
- Jupyter Univere is a search engine for all infosec Jupyter notebooks ☆35 · Mar 24, 2025 · Updated 10 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Dec 17, 2025 · Updated last month
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. ☆50 · Sep 22, 2025 · Updated 4 months ago
- Some important DFIR Resources ☆84 · Mar 16, 2023 · Updated 2 years ago
- Service to convert nfcapd files to ClickHouse as they are created ☆10 · Mar 22, 2025 · Updated 10 months ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families. ☆10 · Aug 29, 2022 · Updated 3 years ago
- MPC Server for PySpark inspired by LakeSail ☆17 · Feb 7, 2026 · Updated last week
- QueryGPT-ADK is an open-source, multi-agent system for natural language to SQL query generation and explanation. It leverages LLMs and v… ☆16 · Jul 23, 2025 · Updated 6 months ago
- ☆16 · Jul 8, 2024 · Updated last year
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆52 · Apr 22, 2025 · Updated 9 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques. ☆44 · Sep 12, 2024 · Updated last year
- Resources for Cyber Security ☆11 · Oct 30, 2018 · Updated 7 years ago
- Multilayered secret detection tool ☆41 · Feb 5, 2026 · Updated last week
- ☆11 · Feb 11, 2024 · Updated 2 years ago
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p… ☆21 · Feb 2, 2026 · Updated last week
- Learning the Python standard library ☆10 · Apr 24, 2017 · Updated 8 years ago
- Monitor/Archive of Azure IAM (Role Definitions and Provider Operations). Tweets at https://twitter.com/maiam_bot ☆10 · Updated this week
- ☆11 · Mar 9, 2018 · Updated 7 years ago
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. ☆53 · Oct 23, 2024 · Updated last year
- ☆12 · Oct 15, 2024 · Updated last year
- OXA - Open XDR architecture ☆12 · Apr 1, 2025 · Updated 10 months ago
- ☆22 · Aug 16, 2025 · Updated 5 months ago
- Website searcher for SEO comparisons / OSINT ☆11 · Oct 13, 2019 · Updated 6 years ago
- A parser/timeline creator for auditd logs. ☆16 · Aug 5, 2014 · Updated 11 years ago
- ☆52 · Dec 19, 2025 · Updated last month
- ☆12 · Jun 4, 2025 · Updated 8 months ago
- Block ads and malicious domains with response policy zones ☆12 · Jun 10, 2020 · Updated 5 years ago
- ☆11 · Oct 3, 2019 · Updated 6 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆19 · May 20, 2025 · Updated 8 months ago
- Secure Azure IoT solutions end to end ☆14 · Nov 28, 2022 · Updated 3 years ago
- macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR ☆29 · Jan 29, 2026 · Updated 2 weeks ago