An efficient utility for auditing email account security, validating credentials, and managing email lists.

Brute force detection with exponential-decay pressure scoring, 57 service rules, 8 firewall backends, GeoIP enrichment, and multi-channel alerting

Real-time Linux server security dashboard — beautiful TUI with attack maps, gauges, and sparklines. Built in Rust. Zero dependencies. cargo install vigil

Lightweight SSH brute-force analyzer. Detects threats in authentication logs, classifies severity, exports blocklists for fail2ban with NO external dependencies.

This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.

A robust Python-based real-time activity monitoring toolkit for defense (Blue Team) operations. Features configurable detection for SSH brute-force, sensitive resource access, and suspicious keywords, with JSON/log alerting, simulated input for testing, and customizable rules for live gameplay in cybersecurity.

Python-based SOC tool for detecting SSH brute-force attacks from authentication logs with IP classification and mitigation suggestions.

Brute force attack detection using SSH logs and Fail2Ban with real-world simulation and mitigation.

Python script to detect brute force SSH login attempts from raw logs

Advanced RDP Login Monitoring & Alert System built with Python. Detects, analyzes, and alerts suspicious Remote Desktop login attempts in real-time using Windows Event Logs. Designed for cybersecurity monitoring, SOC operations, and threat detection.

A comprehensive Splunk-based SOC investigation project. Includes automated threat detection, custom dashboard visualization, incident response workflow, and forensic log analysis to combat brute-force attacks.

A real-time Splunk SIEM dashboard for threat detection, attack monitoring, Windows event analysis, brute-force detection, Sysmon logging, and MITRE ATT&CK visualization in a home SOC lab environment.

A command-line log analyzer written in C that detects brute-force login attempts by analyzing failed authentication logs.

Microsoft Sentinel cloud SIEM lab - deployed Azure VM, ingested Windows Security Events via AMA, wrote KQL queries to detect brute force attacks and failed logins in real time. Replicates L1 SOC analyst workflows.

A comprehensive SOC lab for real-time threat detection, alerting via Telegram, and incident response using Splunk and Windows Event Logs.

CLI log anomaly detector for auth and web server logs — detects brute force, privilege escalation, and scanner behavior

Authentication log analysis tool for security assessment

End-to-end SOC workflow simulating brute force detection on real Linux auth logs using Python log parsing, automated threat scoring, and Splunk SIEM dashboard visualization.

A Machine Learning-Based Network Intrusion Detection System (NIDS) designed to detect high-frequency and slow-stealthy HTTP POST Brute Force attacks using ANOVA feature selection and Random Forest ensembles.

SOC Home Lab using Splunk SIEM — brute force detection with SPL correlation rules, Burp Suite attack simulation, and automated IP blocking via iptables