SOC Lab Project - AWS, Elastic, TheHive, MISP, Cortex, Shuffle

Security Playbooks is a collection of MITRE ATT&CK-based attack scenarios, detection rules (Sigma, YARA, Suricata), PoC scripts, and hands-on lab walkthroughs for cybersecurity professionals and SOC analysts.

A set of Windows tools designed for SOC labs and controlled test environments providing automated TLS key logging setup for web encrypted traffic analysis and enabling or disabling of 16 Windows Defender components (9 functional protection components and 7 services/drivers) to support malware research, detection engineering, and Blue Team training.

🔐 Hands-on SOC lab - 12 tools (OpenSearch, Suricata, Zeek, MISP, Caldera, Velociraptor + AI agents) via Docker Compose. MITRE ATT&CK v14. Free

SOC monitoring lab built using Graylog, OpenSearch, and Ubuntu. Includes log ingestion, detection engineering, alerting, and dashboards.

Professional High-Concurrency Port Scanner & Vulnerability Auditor | Engineered for SOC & Wazuh SIEM Integration.

ICMP Protocol Analysis Lab using Wireshark – A hands-on cybersecurity lab focused on capturing and analyzing ICMP Echo Request and Reply packets, interpreting protocol fields, and applying Wireshark filters for investigation.

Security operation center lab

Building a hands-on Home AD Lab and experimenting with SOC monitoring.

Your full Guideline on how to install, deploy and use the Wazuh SIEM tool for newbies.

A lightweight Home SOC Lab optimized for low-resource devices. Featuring Suricata IDS/IPS, Filebeat on Parrot OS (VM), and Elastic Stack on Docker/WSL2.

A hands-on Azure Cybersecurity lab focused on monitoring real-time RDP brute-force attacks using Windows Event Viewer and Geolocation tracking.

Active Directory + Splunk home lab for monitoring Windows authentication events, investigating failed logons, and validating SIEM visibility.

End-to-end attack detection lab using Wazuh SIEM, Sysmon, and Windows event log analysis with MITRE ATT&CK mapping.

Conducted separate network-level and log-based attack simulations to analyze detection capabilities across different sources

SOC Lab using Wazuh (Brute Force + FIM Detection)

SOC Lab: Brute Force Detection with Wazuh SIEM. Configured Windows/Linux endpoints to monitor RDP & SSH attacks. Simulated threats via Kali Linux, analyzed security events (PCI DSS, MITRE), and implemented logging hardening. Focused on Incident Response and security monitoring for Tier 1 Analyst.

Wazuh SIEM Implementation for Security Monitoring

Wireshark-based network threat detection lab simulating SYN scans and SMB enumeration in a segmented environment.

JUMAL (Junior Malware Analyst) - AI-powered tool for malware triage