SOC Analyst · Security Operations · Threat Detection & Response
```yaml
name: Irfan
role: SOC Analyst / InfoSec Analyst (Targeting)
location: India
focus:
  - SIEM Analysis · Log Correlation · Threat Hunting
  - Incident Detection & Response · IR Workflows
  - Malware Analysis · EDR · Network Security
  - MITRE ATT&CK · Threat Intelligence
  - Security Monitoring · Alert Triage
open_to:
  - SOC Analyst L1/L2
  - Security Operations Center Analyst
  - Threat Detection Analyst
  - InfoSec Analyst
```
mission : Build tools that train the next generation of SOC analysts and make security operations accessible to everyone.
Four tools built for SOC analysts and security teams. No signup. No backend. Offline-first.
Interactive SIEM dashboard with 100 progressive challenges. Train like a real SOC L1 analyst — log analysis, threat detection, incident response, MITRE ATT&CK mapping.
| Feature | What It Covers |
|---|---|
| 100 Challenges | 5 difficulty levels: Beginner → Intermediate → Advanced → Expert → Master |
| Challenge Categories | Authentication, Network Analysis, Malware Detection, Lateral Movement, Data Exfiltration, Incident Response, APT Analysis |
| Complete Workbook | All solutions with explanations, MITRE ATT&CK mappings, real-world relevance |
| 4-Day Mastery Plan | Structured learning path from basic log filtering to advanced threat hunting |
| SIEM Skills | Splunk/QRadar-style queries, log correlation, pattern detection, IR workflows |
Browser-based interactive network attack lab. 7 attack simulations with animated packet flow, MITRE ATT&CK mappings, four-phase kill chains, and byte-level packet analysis. Pure red team attacker mindset for blue team defenders.
| Feature | What It Covers |
|---|---|
| Attack Simulations | ARP Spoofing, DNS Poisoning, SYN Flood, VLAN Hopping, DHCP Starvation, BGP Hijacking, Full MITM |
| Kill Chain Engine | Four-phase attack lifecycle with real commands |
| MITRE ATT&CK | Full framework mapping per attack |
| Live Packet Forge | Byte-level packet structure analysis |
| Detection Log | Real-time attacker/defender event feed |
Browser-based GRC audit simulation platform. Run complete audit engagements from scoping to final report across 15 industry scenarios. Every decision scored. Every finding graded.
| Feature | What It Covers |
|---|---|
| 15 Engagements | Banking, Healthcare, Government, Retail, Technology |
| 7-Phase Engine | Briefing → Scoping → Evidence → Testing → Findings → Response → Report |
| 93 Controls | Full ISO 27001:2022 searchable control library |
| Risk Assessment Lab | 25 scenarios with likelihood × impact matrix |
| Audit Toolkit | Risk Matrix, Findings Builder, Framework Mapper, Evidence Checklist |
| PDF Export | Professional audit report generation |
ISO 27001:2022 toolkit that turns every Annex A control into an actionable tool. Built for engineers and GRC teams who need to implement compliance, not just document it.
| Feature | What It Solves |
|---|---|
| Compliance Heatmap | Visual status of all 93 controls at a glance |
| Risk Register | Score, sort by severity, export for auditors |
| SoA Generator | Audit-ready Statement of Applicability in 5 minutes |
| Threat Mapper | Real attacks mapped to exact control gaps |
| Posture Score | ISMS radar chart across 4 Annex A domains |
| Evidence Wizard | Exact checklist of what auditors will ask for |
| Code Snippets | Terraform · GitHub Actions · Bash · Python |
| 2013 → 2022 Diff | Full migration map for transitioning orgs |
Most SOC training is theoretical. I build tools that simulate real security operations center workflows — SIEM queries, incident investigations, threat hunting, and response procedures.
SOC Tools & Platforms:
- SIEM: Splunk, ELK Stack, QRadar
- EDR: CrowdStrike, Windows Defender ATP, Sysmon
- Network: Wireshark, tcpdump, Zeek, Suricata
- Threat Intel: MITRE ATT&CK, VirusTotal, AbuseIPDB, OSINT
Security Analysis:
- Log Analysis (Windows Event Logs, Syslog, Firewall)
- Malware Triage & Behavioral Analysis
- Network Traffic Analysis (PCAP)
- Incident Response & Forensics
- Threat Hunting & Detection Engineering
Compliance & GRC:
- ISO 27001:2022 Gap Analysis & Implementation
- Risk Assessment & Control Frameworks
- Audit Preparation & Evidence Collection
- ISMS Documentation
Technical Foundation:
- Linux & Windows Security Hardening
- Network Protocols & Security (TCP/IP, DNS, HTTP/S)
- Scripting: Python, Bash, PowerShell (basic)
- Web Security: SQL Injection, XSS, Authentication Bypasses
- 🎓 B.Tech Cybersecurity (Final Semester)
- 🏆 DFIR Certification - IIT Roorkee
- 🔬 Hands-on Experience:
  - SOC Lab Work (TryHackMe, LetsDefend, Blue Team Labs)
  - IAM Simulation & Access Control
  - ISO 27001:2022 Gap Analysis Project
  - Splunk SIEM Configuration & Dashboards
  - MITRE ATT&CK Framework Application
- 🔭 Building hands-on SOC training simulators
- 🌱 Completing 100 SIEM challenges (threat hunting, IR workflows)
- 🎯 Targeting: SOC Analyst L1, InfoSec Analyst, Threat Detection roles
- 📚 Studying: Advanced threat hunting, memory forensics, malware reverse engineering
"Security operations isn't about tools — it's about how you think. My projects teach the investigative mindset SOC analysts need in the real world."