Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands
-
Updated
Mar 16, 2026 - HTML
Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands
Free self-hosted OSINT investigator's toolkit. Twelve tools in one: crypto tracing, phishing fingerprinting, domain intel, Telegram OSINT, IP reputation, email header forensics with LLM scam detection, Google dork generator, script deobfuscator. AGPL-3.0.
Curated Blue Team toolkit for defensive cybersecurity: asset discovery, vulnerability management, network monitoring, DFIR, threat intelligence, cryptography, endpoint security and SIEM/log management.
Email Header Forensics Lab is a desktop application for inspecting, generating, editing, and analyzing email headers in controlled environments for forensic analysis, security research, and authentication testing.
Phishing email investigation with full header analysis, link inspection, red-flag detection.
Comprehensive phishing incident response simulation with email forensics, threat intelligence enrichment, and NIST-aligned playbook
Phishing awareness analysis toolkit that detects suspicious email red flags, analyzes phishing indicators, and generates Safe / Suspicious / Malicious verdicts.
SOC-focused phishing investigation lab demonstrating OSINT analysis, IOC extraction, domain intelligence validation, and MITRE ATT&CK mapping.
Hands on analysis and defending against phishing emails. Investigating real-world phishing attempts using a variety of techniques.
Phishing triage analysis of a real Sneaky2FA AiTM campaign targeting Microsoft 365. Documents the full attack chain, IOC extraction, evasion techniques, and sandbox vs reputation tool detection gap.
Network traffic analysis and phishing investigation project focused on TCP SYN scan detection, threat analysis, and cybersecurity incident identification.
A full phishing investigation of a cryptocurrency themed scam email containing a malicious PDF and Bitly redirect. Includes header analysis, attachment analysis, IOCs, MITRE ATT&CK mapping, and a SOC level risk assessment.
Hands-on SOC Analyst portfolio covering SIEM monitoring, threat detection, phishing analysis, credential attack detection, network forensics, IOC extraction, and MITRE ATT&CK mapping.
Advanced phishing detection web application that analyzes suspicious emails using 20+ phishing red-flag rules, risk scoring, sample attack simulations, and optional AI-powered threat analysis.
TrustNoChar is a zero-dependency browser-based lab that demonstrates how Unicode homoglyphs and typosquatting attacks exploit human visual perception. It transforms text into deceptive lookalike variants in real time to help researchers, red teams, and security learners study phishing, rendering quirks, and cognitive security risks. 🛡️👁️
OSINT-driven analysis of a Trustwallet phishing campaign — infrastructure, lures, and indicators of compromise.
Forensic analysis of a targeted phishing campaign, email header tracing, URL sandboxing, and IOC extraction.
Phishing analysis lab using PhishTank, VirusTotal, MXToolbox, and PhishTool to investigate 3 live phishing URLs and 2 phishing emails targeting cryptocurrency users. Covers URL analysis, email header analysis, SPF/DKIM/DMARC authentication, and campaign correlation.
Simulation and analysis of phishing emails — headers, payloads, and attacker techniques.
Executive phishing email analysis for VitalCare Health Solutions – includes header inspection, BEC indicators, SPF/DKIM/DMARC checks, malicious attachment & URL analysis, and a stakeholder-ready executive report with findings, impact, and recommendations.
Add a description, image, and links to the phishing-analysis topic page so that developers can more easily learn about it.
To associate your repository with the phishing-analysis topic, visit your repo's landing page and select "manage topics."