Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands
-
Updated
Mar 16, 2026 - HTML
Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands
Free self-hosted OSINT investigator's toolkit. Twelve tools in one: crypto tracing, phishing fingerprinting, domain intel, Telegram OSINT, IP reputation, email header forensics with LLM scam detection, Google dork generator, script deobfuscator. AGPL-3.0.
Curated Blue Team toolkit for defensive cybersecurity: asset discovery, vulnerability management, network monitoring, DFIR, threat intelligence, cryptography, endpoint security and SIEM/log management.
Email Header Forensics Lab is a desktop application for inspecting, generating, editing, and analyzing email headers in controlled environments for forensic analysis, security research, and authentication testing.
Phishing email investigation with full header analysis, link inspection, red-flag detection.
Comprehensive phishing incident response simulation with email forensics, threat intelligence enrichment, and NIST-aligned playbook
SOC-focused phishing investigation lab demonstrating OSINT analysis, IOC extraction, domain intelligence validation, and MITRE ATT&CK mapping.
Phishing awareness analysis toolkit that detects suspicious email red flags, analyzes phishing indicators, and generates Safe / Suspicious / Malicious verdicts.
Network traffic analysis and phishing investigation project focused on TCP SYN scan detection, threat analysis, and cybersecurity incident identification.
Phishing triage analysis of a real Sneaky2FA AiTM campaign targeting Microsoft 365. Documents the full attack chain, IOC extraction, evasion techniques, and sandbox vs reputation tool detection gap.
A full phishing investigation of a cryptocurrency themed scam email containing a malicious PDF and Bitly redirect. Includes header analysis, attachment analysis, IOCs, MITRE ATT&CK mapping, and a SOC level risk assessment.
Hands on analysis and defending against phishing emails. Investigating real-world phishing attempts using a variety of techniques.
Advanced phishing detection web application that analyzes suspicious emails using 20+ phishing red-flag rules, risk scoring, sample attack simulations, and optional AI-powered threat analysis.
AI-assisted phishing email analysis platform built with Flask featuring IOC extraction, threat scoring, dashboard visualization and automated security reporting.
Hands-on SOC Analyst portfolio covering SIEM monitoring, threat detection, phishing analysis, credential attack detection, network forensics, IOC extraction, and MITRE ATT&CK mapping.
Forensic analysis of a targeted phishing campaign, email header tracing, URL sandboxing, and IOC extraction.
Simulation and analysis of phishing emails — headers, payloads, and attacker techniques.
OSINT-driven analysis of a Trustwallet phishing campaign — infrastructure, lures, and indicators of compromise.
TrustNoChar is a zero-dependency browser-based lab that demonstrates how Unicode homoglyphs and typosquatting attacks exploit human visual perception. It transforms text into deceptive lookalike variants in real time to help researchers, red teams, and security learners study phishing, rendering quirks, and cognitive security risks. 🛡️👁️
Phishing analysis lab using PhishTank, VirusTotal, MXToolbox, and PhishTool to investigate 3 live phishing URLs and 2 phishing emails targeting cryptocurrency users. Covers URL analysis, email header analysis, SPF/DKIM/DMARC authentication, and campaign correlation.
Add a description, image, and links to the phishing-analysis topic page so that developers can more easily learn about it.
To associate your repository with the phishing-analysis topic, visit your repo's landing page and select "manage topics."