Building an Open Source tool suite for a SOC and its continuous improvement
- Suricata NIDS/IPS -- https://suricata-ids.org/
- Wazuh HIDS -- https://wazuh.com/
- osquery -- https://osquery.io/
- Cloudflare -- https://dash.cloudflare.com/login
- TheHive -- https://github.com/TheHive-Project/TheHive
- MISP -- https://www.misp-project.org/
- MineMeld -- https://github.com/PaloAltoNetworks/minemeld-docker
- AIL Framework -- https://github.com/CIRCL/AIL-framework
- OpenCTI -- https://www.opencti.io/en/
- Cortex -- https://github.com/TheHive-Project/Cortex
- CyberChef -- http://icyberchef.com/
- Cuckoo -- https://cuckoosandbox.org/
- Volatility -- https://www.volatilityfoundation.org/
- Viper -- https://hub.docker.com/r/remnux/viper/
- Elastic -- https://www.elastic.co/
- Kibana -- https://www.elastic.co/
- Filebeat -- https://www.elastic.co/
- Portainer -- https://www.portainer.io/
- Watchtower -- https://github.com/containrrr/watchtower
- SecretHub -- https://secrethub.io/
- Bitwarden -- https://bitwarden.com/
- Traefik -- https://containo.us/traefik/
- PatrOwl -- https://patrowl.io/
- GoPhish (https://getgophish.com/) + Poste.io (https://poste.io/) -- Out of the local environment
- Caldera -- https://github.com/mitre/caldera
- DefectDojo -- https://github.com/DefectDojo/django-DefectDojo (Optional)
- Atomic Red Team --
- Wiki.js -- https://github.com/Requarks/wiki/
- Gitea -- https://hub.docker.com/r/gitea/gitea
- Heartbeat
- Custom PS Scripts
- Rocket.chat -- https://rocket.chat/
- Jitsi -- https://jitsi.org/
- Sigma Rules -- https://github.com/Neo23x0/sigma
- MITRE ATT&CK -- https://attack.mitre.org/
- Dockle -- https://github.com/goodwithtech/dockle
- SOC Prime -- https://my.socprime.com/en/integrations/