awesome-soc-analyst
github.com/st0pp3r/awesome-soc-analyst
Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to the role of SOC analyst.
What's inside
Tools
- AbuseIPDB | IP, Subnet, Domain
- AlienVault | IP, Domain, URL, Hash, FilePath, Email
- Cisco Talos Intelligence | IP, URL, Domain, Hash
- DOGGuard | URL, Hash
- FortiGuard Labs | IP, Domain, URL
- GreyNoise | IP
Attack Reference Material
- AS_REP Roasting | hackndo - Explanation of the AS_REP roasting attack.
- DCSync | adsecurity - Explanation of the DCSync attack.
- DNS DGA | cybereason - Nice examples of DGA variants.
- DNS Tunneling | unit42 - Simple example of DNS tunneling and how it is abused.
- Kerberoasting | adsecurity - Explanation of the Kerberoasting attack.
- Kerberoasting | hackndo - Explanation of the Kerberoasting attack.
Good Reads
- A Tour Inside a SOC Analyst Mind | Ali Alwashali
Resources and Reference Material
- Blue Team Notes | Purp1eW0lf
- Command Line Arguments Docs | ss64 - Explanations of command line arguments.
- Cyber Kill Chain | Lockheed Martin - Model for identification and prevention of cyber intrusion activity.
- Kerberos Protocol | hackndo - Explanation of the Kerberos protocol.
- Port Information | Speedguide.net - Port information and common apps.
- Service Principal Name (SPN) | hackndo - Explanation of SPNs.
Interview Questions
- Interview Questions | socinvestigation.com
- SOC Interview Questions | LetsDefend
- SOC Interview Questions | siemxpert.com
Showing a sample of 44 resources. View the full list on GitHub →