学习安全运营的记录 | The knowledge base of security operation

Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud

Detecting ATT&CK techniques & tactics for Linux

Open-source framework to detect outliers in Elasticsearch events

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

Curso para aprender Ciberseguridad desde cero, en español y 100% gratis. Abarca 5 dominios fundamentales que necesitas conocer para poder dar tus primeros pasos en este apasionante mundo.

My learning, tutorials on Cybersecurity

Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.

MCP Server for Wazuh SIEM

📊 Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.

MCP Server for Panther

A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.

An Elasticsearch Beat to monitor DNS zones through customizable zone transfers.

Interviewing Help for Information Security Jobs (With Answers)

A user-friendly and powerful tool to analyze Windows Security Events

Visual analytics using Databricks & Graphistry for cybersecurity investigations

A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.

This is a cybersecurity certification that proves that an individual have the fundamental knowledge, skills and ability for an entry-level or junior-level cybersecurity role. It is ANAB accredited, ISO/IEC STANDARD 17024.

A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.

Cyber Threat Detection and Response: Academic Mini Project with Integration of Sysmon, YARA, Sliver C2, and LimaCharlie EDR to simulate and analyze ransomware/memory dump threats