Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
-
Updated
Jul 12, 2026 - Python
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
学习安全运营的记录 | The knowledge base of security operation
CompTIA Security+ SY0-701 study guide with exam objectives, quick review, security operations, IAM, GRC, risk, incident response, and exam prep notes.
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Detecting ATT&CK techniques & tactics for Linux
MCP Server for Wazuh SIEM
Open-source framework to detect outliers in Elasticsearch events
安全运维工具箱是一款面向安全运维场景的集成化利器,融合了资产管理、资产测绘、漏洞检测、配置核查、弱口令检测、批量化运维、漏洞跟踪、报告生成以及日志审计等核心功能模块。
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Curso para aprender Ciberseguridad desde cero, en español y 100% gratis. Abarca 5 dominios fundamentales que necesitas conocer para poder dar tus primeros pasos en este apasionante mundo.
My learning, tutorials on Cybersecurity
Production-ready KQL queries for Microsoft Defender XDR and Microsoft Sentinel. Focused on Threat Hunting, Detection Engineering, and MITRE ATT&CK mapping.
Write detections, investigate alerts, and query logs from your favorite AI agents
基于Agent驱动的网络安全流量监控与分析平台,下一代AI驱动的安全运营协作平台 — 智能告警研判、资产关联、协同处置与自动化报告生成,为护网行动增添一把利器。
Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
📊 Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Intelligent SOC automation framework powered by LangGraph multi-agent workflows for alert triage, correlation, and incident response
Add a description, image, and links to the security-operations topic page so that developers can more easily learn about it.
To associate your repository with the security-operations topic, visit your repo's landing page and select "manage topics."