Useful resources for SOC Analyst and SOC Analyst candidates.

The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.

🛡️ Master the essentials of SOC/Security Analysis with our 12-day SOC Analyst Prerequisites Learning Path, covering Linux, Windows, networking, scripting, and penetration testing—your key to a solid foundation in information security. 🚀

Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace

Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.

A script to that checks for active connections to known malicious foreign IP addresses.

I worked on a Red Team vs Blue Team scenario in which i played the role of both penetration tester and SOC analyst.

Forwards windows events to Splunk.

Setting Up Wazuh SIEM/XDR Homelab and Integration of Microsoft Defender into it.

Hi! I’m Abdullahi Abdinoor Mohamed, and this is my cybersecurity portfolio. Here, I showcase my hands-on experience, projects, and knowledge in the field of cybersecurity, ethical hacking, and IT security.

SOCIMP: design, build, implement and become a SOC Analyst in a foundational Security Operation Center enviroment.

Information Security, Risk mgmt. and Forensics.

SOC Analyst Automation using a RAG model integrates a knowledge retrieval system with generative AI to automate SOC Level-1 tasks. It processes server logs, retrieves relevant security insights, and generates accurate responses, enhancing incident analysis, reducing response times, and improving efficiency in handling cybersecurity threats through

A collection of sources of documentation, as well as field best practices, to build/run a SOC

Utilizes the VirusTotal API v3 to scan files for potential malware or suspicious behavior and send alert in Telegram.

Windows Event Threat Navigator: Quick reference linking Windows/Sysmon events to MITRE ATT&CK®

This controlled lab environment emphasizes practical cybersecurity skills, ethical practices, and the importance of proactive defense strategies.

A Python application that generates simulated logs and detects suspicious user behaviour patterns that may indicate insider threats.

SOC Security Log Analyzer: AI-powered threat detection for security professionals.