Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
Updated Jun 15, 2026 - Python
Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
Notes from learning security operations | The knowledge base of security operations
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Detecting ATT&CK techniques & tactics for Linux
MCP Server for Wazuh SIEM
Open-source framework to detect outliers in Elasticsearch events
The Security Operations Toolbox is an integrated tool for security operations scenarios, combining core modules for asset management, asset mapping, vulnerability detection, configuration compliance checks, weak-password detection, batch operations, vulnerability tracking, report generation, and log auditing.
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
A course for learning cybersecurity from scratch, in Spanish and 100% free. It covers the 5 fundamental domains you need to know to take your first steps in this fascinating field.
My learning notes and tutorials on cybersecurity
Production-ready KQL queries for Microsoft Defender XDR and Microsoft Sentinel. Focused on Threat Hunting, Detection Engineering, and MITRE ATT&CK mapping.
Write detections, investigate alerts, and query logs from your favorite AI agents
Elastic TIP is a Python tool that automates aggregating threat intelligence, normalizing it into a common format, and ingesting it into Elasticsearch, primarily for use by Elastic's Security solution.
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
📊 Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
An Elasticsearch Beat to monitor DNS zones through customizable zone transfers.
Intelligent SOC automation framework powered by LangGraph multi-agent workflows for alert triage, correlation, and incident response
Public-safe TR/EN product hub for MyVuln threat intelligence platform.