Pentest Lab: Recon (Nmap) + DAST (OWASP ZAP baseline/full) against OWASP Juice Shop with reproducible HTML/TXT/PNG evidence and optional SOC correlation.
-
Updated
Nov 9, 2025 - HTML
#
mitre-attck
Here are 13 public repositories matching this topic...
Personal SOC lab using T-Pot CE on AWS to analyze real-world attack telemetry through Honeypots, Suricata, and offline log analysis
security alert kibana logstash home analysis honeypot incident-response lab elk cybersecurity soc triage homelab tpot spiderfoot t-pot mitre-attack mitre-attck tpotce
-
Updated
Jan 21, 2026
Practical SOC detection engineering and incident response case studies, including SIEM/XDR detections, alert triage, and malware analysis.
-
Updated
Jan 28, 2026
Machine learning project for classifying cybersecurity incidents (TP, BP, FP) using the GUIDE dataset. Includes data preprocessing, feature engineering, model benchmarking, and evaluation with macro-F1, precision, and recall. Supports SOC automation, threat detection, and enterprise security management.
python data-science machine-learning random-forest incident-response cybersecurity neural-networks xgboost classification lightgbm feature-engineering soc imbalanced-data model-evaluation capstone-project threat-detection precision-recall enterprise-security macro-f1 mitre-attck
-
Updated
Feb 17, 2026 - Jupyter Notebook
Wireless Zero Trust threat detection and response lab using Python and Scapy, with MITRE ATT&CK mapping and SIEM-style logging.
-
Updated
Feb 8, 2026 - Python
SOC-style ransomware investigation using KQL (Azure Data Explorer)
incident-response cybersecurity educational ransomware threat-hunting soc blue-team azure-data-explorer kql mitre-attck
-
Updated
Dec 19, 2025
OT/ICS cybersecurity lab demonstrating detection of unauthorized Modbus RTU (FC06) write activity using Python telemetry and Splunk SIEM correlation. Includes MITRE ATT&CK (ICS) mapping and SOC-grade incident documentation.
raspberry-pi splunk modbus siem modbus-rtu ics-security blue-team industrial-control-systems detection-engineering ot-security mitre-attck
-
Updated
Feb 14, 2026
Command-line (proctitle) classification into MITRE ATT&CK techniques using TF-IDF + Logistic Regression and an LSTM baseline, with a custom token pattern tailored for cyber artifacts (IPs, paths, flags, URLs).
nlp machine-learning deep-learning tensorflow scikit-learn cybersecurity threat-detection mitre-attck
-
Updated
Jan 13, 2026 - Python
Evidence-based SOC Tier 1/2 projects: log pipelines, alert triage, detection rules, threat hunting, incident tickets, and lab writeups (Wazuh, Sysmon, Zeek, Suricata, Velociraptor).
incident-response suricata sysmon threat-hunting siem soc zeek wazuh windows-security detection-engineering mitre-attck
-
Updated
Feb 19, 2026 - PowerShell
Enterprise Active Directory security lab focused on privileged access hardening, audit policy configuration, detection engineering, and incident response. Simulates unauthorized privilege escalation attacks with forensic log analysis and MITRE ATT&CK mapping.
incident-response active-directory cybersecurity siem blue-team detection-engineering windows-server-2022 mitre-attck
-
Updated
Dec 12, 2025
SOC triage tool to enrich Windows command-line logs with MITRE mapping and analyst context
-
Updated
Feb 2, 2026 - Python
EDR/XDR detection coverage, gaps, and governance considerations for enterprise environments
cybersecurity xdr edr threat-detection security-monitoring risk-based-monitoring detection-engineering security-governance mitre-attck coverage-gaps
-
Updated
Dec 16, 2025
Behavior-based Linux malware profiler: ptrace syscall tracing → JSONL events → heuristic analysis with IOC extraction & MITRE ATT&CK mapping. No signatures, no hashes
cybersecurity syscalls malware-analysis linux-security threat-detection behavioral-analysis mitre-attck
-
Updated
Dec 25, 2025 - Python
Improve this page
Add a description, image, and links to the mitre-attck topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the mitre-attck topic, visit your repo's landing page and select "manage topics."