Welcome to my SOC Homelab
This repository is a personal project where I explore and learn about Security Operations Center (SOC) concepts, tools, and workflows. It's a hands-on environment for experimenting with detection techniques, threat analysis, logging, alerting, and more.
This repo may include:
- Sample PCAP files and analysis
- Detection rules
- Notes on SOC tools and techniques
- Vulnerability and threat assessments
- Lab configurations and testing setups
This is a learning environment. Use everything here responsibly and only in safe, controlled environments.
The goal of this lab is to build and reinforce practical SOC skills, including:
- Threat detection & response
- Log analysis
- Incident handling
- SIEM usage
- Threat intelligence
Feel free to explore, clone, and use anything helpful for your own cybersecurity learning journey.
Throughout this homelab, I demonstrate and experiment with foundational security tools and techniques, including:
- Phishing Analysis – Examining suspicious emails (headers, links and attachments)
- tcpdump – For capturing and inspecting network traffic from the CLI
- Snort – As a network intrusion detection/prevention system (NIDS/NIPS)
- Wireshark – For in-depth packet analysis in a GUI-friendly interface
- ELK Stack Setup – Elasticsearch, Logstash and Kibana for centralised log collection, search and dashboards
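As an added, self-contained example of the kind of PCAP analysis and detection rule this lab works toward (this is illustration written for this README, not a lab file from the repository): a minimal reader for the libpcap format that tcpdump and Wireshark write, plus a simple threshold rule that flags a host sending bare SYNs to many ports. The capture it analyses is constructed inside the script, so it runs offline; the IP addresses, ports, threshold and window are assumed values chosen for the demonstration.

```python
"""Minimal libpcap reader plus a SYN-sweep threshold rule, run over a constructed capture.

Added example for this README; not code from the lab itself. Addresses, ports and
threshold values below are assumptions picked for illustration.
"""
import socket
import struct
from collections import defaultdict

PCAP_MAGIC = 0xA1B2C3D4       # classic libpcap magic (microsecond timestamps); the
                              # nanosecond variant 0xA1B23C4D is not handled here
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
TCP_SYN = 0x02
TCP_ACK = 0x10


def build_tcp_frame(src_ip, dst_ip, sport, dport, flags):
    """Ethernet/IPv4/TCP frame with no payload. Checksums are left zero: fine for
    offline parsing, not for sending on a wire."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ETHERTYPE_IPV4)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IPPROTO_TCP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + tcp


def build_pcap(frames):
    """Wrap frames in a libpcap global header and per-record headers, one second apart."""
    out = [struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for i, frame in enumerate(frames):
        out.append(struct.pack("<IIII", 1_700_000_000 + i, 0, len(frame), len(frame)) + frame)
    return b"".join(out)


def parse_pcap(data):
    """Yield (ts, src, dst, sport, dport, flags) for every TCP-over-IPv4 packet."""
    endian = "<" if struct.unpack("<I", data[:4])[0] == PCAP_MAGIC else ">"
    if struct.unpack(endian + "I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("not a libpcap file")
    linktype = struct.unpack(endian + "IHHiIII", data[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type %d" % linktype)
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        frame = data[off:off + incl_len]
        off += incl_len
        # 14-byte Ethernet header, then at least a 20-byte IPv4 header
        if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
            continue
        ihl = (frame[14] & 0x0F) * 4          # IPv4 header length honours options
        if frame[23] != IPPROTO_TCP:
            continue
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        tcp = frame[14 + ihl:]
        if len(tcp) < 14:                     # need the flags byte at offset 13
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        yield ts_sec + ts_usec / 1e6, src, dst, sport, dport, tcp[13]


def detect_port_scans(packets, threshold=10, window=60):
    """Alert when one source sends bare SYNs (SYN set, ACK clear) to more than
    `threshold` distinct destination ports on one host within `window` seconds."""
    syn_events = defaultdict(list)            # (src, dst) -> [(ts, dport), ...]
    for ts, src, dst, _sport, dport, flags in packets:
        if flags & TCP_SYN and not flags & TCP_ACK:
            syn_events[(src, dst)].append((ts, dport))
    alerts = []
    for (src, dst), events in syn_events.items():
        events.sort()
        for i, (t0, _) in enumerate(events):  # slide the window over each start time
            ports = {p for t, p in events[i:] if t - t0 <= window}
            if len(ports) > threshold:
                alerts.append({"src": src, "dst": dst, "ports": len(ports), "start": t0})
                break
    return alerts


def sample_capture():
    """Constructed capture: one legitimate handshake plus a 15-port SYN sweep."""
    frames = [
        build_tcp_frame("10.0.0.5", "10.0.0.80", 51000, 443, TCP_SYN),
        build_tcp_frame("10.0.0.80", "10.0.0.5", 443, 51000, TCP_SYN | TCP_ACK),
        build_tcp_frame("10.0.0.5", "10.0.0.80", 51000, 443, TCP_ACK),
    ]
    for port in range(20, 35):
        frames.append(build_tcp_frame("10.0.0.99", "10.0.0.80", 40000 + port, port, TCP_SYN))
    return build_pcap(frames)


def run():
    return detect_port_scans(parse_pcap(sample_capture()))


if __name__ == "__main__":
    for alert in run():
        print("ALERT SYN sweep: %(src)s -> %(dst)s, %(ports)d ports" % alert)
```

Point `parse_pcap` at the bytes of a real file written by `tcpdump -w` to run the same rule over live data; the SYN/ACK from the server is deliberately excluded so that a busy listener is never mistaken for a scanner, and the per-pair window is what keeps a slow scan from being split across alerts.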