A record of learning security operations | The knowledge base of security operation
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Detecting ATT&CK techniques & tactics for Linux
Open-source framework to detect outliers in Elasticsearch events
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
A course for learning cybersecurity from scratch, in Spanish and 100% free. It covers 5 fundamental domains you need to know to take your first steps in this exciting world.
My learning, tutorials on Cybersecurity
MCP Server for Wazuh SIEM
Elastic TIP is a Python tool which automates the process of aggregating Threat Intelligence and ingesting it in a common format into Elasticsearch, with the main goal of being used by the Security solution.
📊 Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
Write detections, investigate alerts, and query logs—all from your favorite AI agents
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
An Elasticsearch Beat to monitor DNS zones through customizable zone transfers.
Interviewing Help for Information Security Jobs (With Answers)
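The Security Operations Toolbox is a powerful integrated tool for security operations scenarios, combining core functional modules such as asset management, asset mapping, vulnerability detection, configuration checking, weak password detection, batch operations, vulnerability tracking, report generation, and log auditing.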
A user-friendly and powerful tool to analyze Windows Security Events
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Visual analytics using Databricks & Graphistry for cybersecurity investigations
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
This is a cybersecurity certification that proves that an individual has the fundamental knowledge, skills and ability for an entry-level or junior-level cybersecurity role. It is ANAB accredited, ISO/IEC STANDARD 17024.