Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
☆55Feb 14, 2026Updated 2 months ago
Alternatives and similar repositories for awesome-soc-analyst
Users that are interested in awesome-soc-analyst are comparing it to the libraries listed below.
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆160Mar 23, 2026Updated last month
- MISP to Microsoft Defender integration☆17Feb 24, 2026Updated 2 months ago
- IP Sweeper Script is a script that will ping all the IP addresses in the given range and filter out the IPs that responded. This script i…☆18Nov 8, 2024Updated last year
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 7 months ago
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc…☆29Jun 22, 2022Updated 3 years ago
- ☆12Oct 15, 2024Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆288Mar 20, 2025Updated last year
- ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.☆261Apr 30, 2026Updated last week
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- ☆16Jul 8, 2024Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆54Oct 23, 2024Updated last year
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆54Apr 22, 2025Updated last year
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Feb 26, 2026Updated 2 months ago
- This is the code repository for the course, TypeScript: Modern Javascript Development, published by Packt☆16Jan 30, 2023Updated 3 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles☆18Mar 21, 2025Updated last year
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 6 months ago
- Website searcher for SEO comparisons / OSINT☆11Oct 13, 2019Updated 6 years ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆45Sep 12, 2024Updated last year
- Service to convert nfcapd files to ClickHouse as they are created☆10Mar 22, 2025Updated last year
- Jupyter Universe is a search engine for all infosec Jupyter notebooks☆37Mar 24, 2025Updated last year
- Block ads and malicious domains with response policy zones☆12Jun 10, 2020Updated 5 years ago
- Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IO…☆106Apr 13, 2026Updated 3 weeks ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆89Mar 11, 2026Updated last month
- A simple webapp to visualise TOML☆11Nov 29, 2023Updated 2 years ago
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations☆17Aug 30, 2025Updated 8 months ago
- This repository contains a mindmap for different techniques for using Censys Search☆15Sep 17, 2025Updated 7 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…☆45Jun 28, 2025Updated 10 months ago
- HECTOR☆20Mar 3, 2017Updated 9 years ago
- ☆11Mar 9, 2018Updated 8 years ago
- Resources for Cyber Security☆11Oct 30, 2018Updated 7 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆130Apr 6, 2024Updated 2 years ago
- Here you find the complete list of enrichments and extractions for Ubikron.☆38Mar 6, 2026Updated 2 months ago
- command line tool to use the DNSDB Flexible Search API extensions.☆16Aug 5, 2024Updated last year
- ☆68Apr 22, 2026Updated 2 weeks ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- A JavaScript library to convert Outlook *.msg files to *.eml☆11Jun 27, 2024Updated last year
- Using MCP is fun with Cyberbro!☆18Apr 25, 2026Updated 2 weeks ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners.☆290Apr 10, 2026Updated last month