Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
-
Updated
Dec 17, 2025 - Shell
#
threat-detection
Here are 22 public repositories matching this topic...
Building one Solution for Threat management and detection for you network with Open source SOC solution.
open source cybersecurity soc soar threat-detection siem-development soc-automation open-source-soc open-source-security-operation-centre cyber-security-home-lab build-own-soc automated-soc-solution devleop-open-source-soc-guide
-
Updated
May 15, 2024 - Shell
Real-time HTTP/HTTPS DLP proxy with traffic inspection, detecting 44+ sensitive data patterns (PII, credentials, API keys, financial data). Features interactive dashboard, complete traffic capture, and flow viewer. Deploy in minutes with Docker. Stop data leaks before they happen. This is a tool that can test applications such as AI agents
python mitm traffic-analysis cybersecurity compliance mitmproxy dlp network-security ssl-inspection data-loss-prevention real-time-monitoring threat-detection pii-detection https-inspection credential-detection
-
Updated
Nov 18, 2025 - Shell
A complete hands-on lab for learning SQL injection exploitation and detection using modern security tools. This repository accompanies a three-part article series that takes you from basic PHP exploitation to enterprise-grade detection with Sigma rules on Kubernetes.
-
Updated
Aug 9, 2025 - Shell
🔍 Inspect and secure HTTPS traffic in real-time with a robust DLP proxy, monitoring sensitive data patterns and providing an interactive dashboard for alerts and analysis.
python mitm traffic-analysis cybersecurity compliance mitmproxy dlp network-security ssl-inspection data-loss-prevention real-time-monitoring threat-detection pii-detection https-inspection credential-detection
-
Updated
Apr 6, 2026 - Shell
This project integrates Wazuh, ELK Stack (Elasticsearch, Logstash, Kibana), and Splunk to create a comprehensive network security monitoring solution. It collects, processes, stores, and analyzes security logs from endpoints and network devices, providing real-time threat detection, incident response, and visual dashboards.
network-security-monitoring elk-stack wazuh threat-detection splunk-log-management siem-security splunk-integration
-
Updated
Apr 27, 2025 - Shell
AI-powered threat monitoring solution for small/SME networks, leveraging Snort, ntopng, pfSense, pfBlockerNG, and LLM analyses to detect, assess and take action in real time against malicious actors. Integrates automated blacklist generation and comprehensive threat intelligence reporting (web/PDF).
bash ntopng snort threat-analysis firewall-management threat-detection pfblockerng openai-api llm agentic
-
Updated
Jan 25, 2026 - Shell
Next-generation AI-powered security distribution with quantum-resistant cryptography, blockchain audit, and autonomous self-healing
linux security machine-learning ai ubuntu blockchain cybersecurity malware-analysis threat-detection quantum-cryptography
-
Updated
Dec 30, 2025 - Shell
Detects host-level DDoS floods and UDP carpet-bombing patterns for early defensive warning.
protection ddos-attacks cyber ethical-hacking network-security security-tools threat-detection open-source-software
-
Updated
Dec 7, 2025 - Shell
Threat detection lab simulating security monitoring in Linux environments using log analysis, detection rules and correlation between authentication, system and resource events.
linux bash security automation log-analysis monitoring cybersecurity siem devsecops threat-detection incident-detection
-
Updated
Mar 31, 2026 - Shell
Interactive Bash tool that merges ss and netstat output, enriches IPs with ipinfo.io data, and displays real-time connection intelligence.
security networking sysadmin-tool geolocation-data threat-detection ip-intelligence network-monitoring-tool system-administration-tools
-
Updated
Mar 29, 2026 - Shell
Enterprise-grade AI security scanner - local, private, comprehensive system security analysis
linux security devops security-audit automation privacy ai cybersecurity code-review security-tools vulnerability-scanner threat-detection llm local-ai ollama
-
Updated
Dec 30, 2025 - Shell
SOC Analyst home lab with Wazuh SIEM, Sysmon logging, brute-force detection, MITRE ATT&CK mapping, and incident response workflow.
-
Updated
Mar 24, 2026 - Shell
Log monitoring and alerting project simulating SOC threat detection using threshold-based analysis. This script was developed as part of the Turn a New Leaf project , an automated log monitoring workflow .
-
Updated
Apr 5, 2026 - Shell
Incident response lab simulating a real-world security incident lifecycle, including detection, investigation, containment and remediation of a brute force attack using log analysis and response playbooks.
linux security automation log-analysis incident-response dfir cybersecurity soc blueteam devsecops threat-detection security-operations
-
Updated
Mar 31, 2026 - Shell
Monitors listening ports and alerts on sudden exposure changes or suspicious service surges.
log-analysis incident-response cybersecurity network-monitoring siem bash-script network-security linux-security blue-team defensive-security vigil threat-detection port-monitoring red-specter
-
Updated
Dec 7, 2025 - Shell
SOC Detection Engineering & Incident Investigation with Wazuh across Linux and Windows endpoints
incident-response suricata sysmon siem soc linux-security wazuh blue-team mitre-attack threat-detection security-operations windows-security detection-engineering
-
Updated
Apr 2, 2026 - Shell
Open-source security operations center (SOC) lab environment designed for defenders, detection engineers, and security analysts to learn and practice blue team tradecraft in a controlled, reproducible, and fork-friendly setting.
docker open-source elasticsearch cybersecurity siem soc security-training hands-on-lab blue-team mitre-attack threat-detection kql detection-engineering
-
Updated
Mar 5, 2026 - Shell
⚡ Open-Source SOC Alert Notifier | Wazuh • Kibana • Filebeat • Slack • Elasticsearch – Real-Time Threat Detection & Alert Automation
-
Updated
Nov 12, 2025 - Shell
SIEM lab simulating centralized log monitoring, event correlation and alert generation using authentication and system logs with detection rules based on real-world security scenarios.
linux security log-analysis monitoring event-correlation cybersecurity siem soc observability devsecops threat-detection security-operations
-
Updated
Mar 31, 2026 - Shell
Improve this page
Add a description, image, and links to the threat-detection topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the threat-detection topic, visit your repo's landing page and select "manage topics."