Projects in Awesome Lists tagged with security-operations
A curated list of projects in awesome lists tagged with security-operations.
https://github.com/beenuar/aisoc
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
ai-security alert-triage cybersecurity detection-engineering docker fastapi incident-response mit-license mitre-attack nextjs open-source purple-team python security-operations self-hosted siem soar soc threat-detection threat-intelligence
Last synced: 30 May 2026
https://github.com/satan1a/TheRoadOfSO
Notes from learning security operations | The knowledge base of security operation
cybersecurity knowledge-base security-analysis security-operation security-operations soc threat-analysis wiki
Last synced: 15 May 2025
https://github.com/googlecloudplatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
audit-logs bigquery chronicle cloud-security-command-center gcp google-cloud log-analytics logging network-analysis network-logs security security-operations threat-detection
Last synced: 05 Apr 2025
https://github.com/GoogleCloudPlatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
audit-logs bigquery chronicle cloud-security-command-center gcp google-cloud log-analytics logging network-analysis network-logs security security-operations threat-detection
Last synced: 31 Mar 2025
https://github.com/NVISOsecurity/ee-outliers
Open-source framework to detect outliers in Elasticsearch events
anomaly-detection cirt ee-outliers machine-learning ml netsec outlier-detection outliers security-monitoring security-operations siem statistical-analysis statistics threat-hunting
Last synced: 11 May 2025
https://github.com/gbrigandi/mcp-server-wazuh
MCP Server for Wazuh SIEM
llm mcp mcp-server model-context-pro model-context-protocol-servers security-operations siem wazuh wazuh-integration
Last synced: 16 Dec 2025
https://github.com/panther-labs/mcp-panther
Write detections, investigate alerts, and query logs from your favorite AI agents
ai cybersecurity mcp-server security-operations
Last synced: 05 Mar 2026
https://github.com/alexfrancow/isoc
:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
blue-team bugbounty bugbounty-tool cybersecurity docker docker-compose elasticsearch elk kibana mongodb openvas python3 red-team security-operations siem vulnerability-detection w3af zabbix
Last synced: 09 Jul 2025
https://github.com/austinsonger/interviewing
Interviewing Help for Information Security Jobs (With Answers)
compliance cyber-security cybersecurity governance-risk-compliance information-security interviewing network-security risk risk-assessment security-operations threat-management
Last synced: 31 Jan 2026
https://github.com/austinsonger/intel-hash
Takes an Onion URL, hashes it, and compares the hash against a blacklist of hashed onion URLs
script security security-operations security-tools
Last synced: 15 Mar 2025
https://github.com/icsrc-org/.github
Public profile repository for ICSRC, containing the organization’s official GitHub profile and public-facing information.
community cyber-defense cyber-threats cybersecurity digital-forensics github github-templates incident-response information-security malware-analysis meta network-security open-source-security organization-profile security security-operations security-research security-tools threat-intelligence vulnerability-analysis
Last synced: 08 Jan 2026
https://github.com/labex-labs/cybersecurity-analysis-with-wireshark-and-tshark
In this course, learn cybersecurity analysis using Wireshark and Tshark. Master packet capture, filtering, protocol analysis, and automation for effective network security monitoring.
automation command-line course cybersecurity digital-forensics hands-on intrusion-detection labex labs network-monitoring network-security network-troubleshooting packet-analysis programming protocol-analysis security-operations security-tools traffic-analysis tshark wireshark
Last synced: 06 Feb 2026
https://github.com/b0rik3n/mucaro-threat-monitor
OS-agnostic SOC news monitor with lookback filters, category tags, summaries, and source links.
cybersecurity nextjs open-source rss security-operations security-tools threat-feed threat-intelligence
Last synced: 04 Apr 2026
https://github.com/solomonneas/soc-showcase
SOC Stack portfolio showcase with 5 design variants
blue-team cybersecurity dashboard react security-operations security-tools soc visualization
Last synced: 25 Apr 2026
https://github.com/solomonneas/playbook-forge
SOC playbook parser with mermaid diagram generation
automation blue-team cybersecurity incident-response playbooks security-operations soar
Last synced: 25 Apr 2026
https://github.com/srkyn/home-network-security
Sanitized OPNsense + Proxmox home security case study: firewall policy, DNS security, CrowdSec, logs, asset awareness, canary alerts, and safe operations.
blue-team crowdsec cybersecurity defensive-security dhcp dns-over-tls dns-security dnssec firewall homelab network-security opencanary opnsense proxmox security-operations traffic-shaping
Last synced: 31 May 2026
https://github.com/srkyn/srkyn
Cybersecurity profile focused on security operations, identity cleanup, endpoint review, detection notes, and defensive tooling.
cybersecurity detection-engineering endpoint-security iam profile-readme security-automation security-operations security-portfolio soc vulnerability-management
Last synced: 31 May 2026
https://github.com/srkyn/splunk-detection-content
Splunk detection notebook with lab-based SPL, MITRE ATT&CK mapping, tuning notes, and analyst triage context.
blue-team cybersecurity defensive-security detection-engineering mitre-attack security-operations siem soc spl splunk windows-security
Last synced: 31 May 2026
https://github.com/mizcausevic-dev/cyberark-connector-observability-exporter
Rust exporter for CyberArk connector health, pool status, auth failures, latency, and Prometheus/OpenTelemetry observability pipelines.
axum backend cyberark observability opentelemetry platform-reliability portfolio prometheus rust security-operations
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/m365-retention-case-orchestrator
Operator control plane for Microsoft 365 Purview retention policies, disposition quality, and eDiscovery case posture.
azure compliance ediscovery legal-hold microsoft-365 platform-engineering purview retention security-operations typescript
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/okta-access-review-orchestrator
Okta access-review operator surface for admin decisions, privileged role governance, and remediation posture.
access-review iam identity-governance okta platform-engineering security-operations sso typescript zero-trust
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/intune-device-compliance-ops
Operator control plane for Microsoft Intune device compliance, stale sync risk, BYOD posture, and endpoint remediation readiness.
azure byod device-compliance endpoint-compliance intune mdm microsoft-365 platform-engineering security-operations typescript
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/entra-access-review-control-plane
Operator control plane for Microsoft Entra access reviews, privileged-role decisions, stale approvals, and identity-governance remediation posture.
access-review azure azure-ad entra identity-governance intune microsoft-365 platform-engineering privileged-access security-operations typescript
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/cyberark-access-review-sync
Python integration for syncing CyberArk privileged-account metadata into access-review queues, stale-access findings, and approval-ready evidence payloads.
access-review backend cyberark fastapi governance identity-governance portfolio privileged-access-management python security-operations
Last synced: 01 Jun 2026
https://github.com/mizcausevic-dev/intune-app-protection-lab
Operator surface for Microsoft Intune app protection, BYOD scope, policy gaps, and enforcement posture.
app-protection azure byod intune mam microsoft-365 mobile-application-management platform-engineering security-operations typescript
Last synced: 01 Jun 2026