SOC Analyst Training Portal v1.0
SOC TRAINING HUB
Your complete Tier 1 SOC Analyst training portal. 8 hands-on labs, hundreds of exercises, interview practice with AI feedback, and real attack scenarios.
ALL SYSTEMS OPERATIONAL - Ready to train
Choose Your Lab
St
SOC Study System
10 comprehensive chapters covering CIA Triad, Incident Response, Threat Intel, SIEM, Splunk, Network fundamentals, Windows Event IDs, and interview prep.
Open Lab >
Cc
Claude Code for Cybersecurity
Interactive study system covering how to use Claude Code for security work. Modules on CLAUDE.md, Skills, MCP, and Sub-agents and Hooks with quizzes and progress tracking.
Open Course >
Ta
Threat Modeling for Agentic AI
Study system on threat modeling for AI agents. Covers OWASP agentic threats, the MAESTRO framework, and defensive design patterns across structured lessons and modules.
Open Course >
Wb
SOC Workbench
AI-powered analyst tools. Paste suspicious logs for triage, enrich IOCs, build queries, and generate incident response plans.
Open Lab >
Sp
Splunk Practice Lab
Working SPL query engine with 33 realistic SOC events. Hunt brute force, C2 beacons, RDP lateral movement, and DNS tunneling.
Open Lab >
Ws
Wireshark Lab
10 PCAP files with click-to-inspect packets. Master display filter syntax, protocol layers, and TCP flag analysis.
Open Lab >
Td
TCPDump Lab
Command-line packet analysis with real BPF filter syntax. 9 attack scenarios including port scans, brute force, and reverse shells.
Open Lab >
Lx
Linux Terminal Lab
Virtual Linux filesystem with 30+ files. Practice 25+ commands like ls, cat, grep, find, chmod, pipes, redirection, and more.
Open Lab >
Bd
Bandit Wargame
All 34 levels of OverTheWire Bandit simulated locally. Master CTF essentials. Recon, decoding, exploitation, and privilege escalation.
Open Lab >
Iv
Interview Trainer
6 fun modes: animated flashcards, multiple choice quiz, 60-second speed round, AI-powered interview practice, and visual memory maps.
Open Lab >
Quick Reference
Critical Ports
22SSH
80 / 443HTTP / HTTPS
445SMB (EternalBlue!)
3389RDP (ransomware!)
4444Metasploit reverse shell
53DNS
Windows Event IDs
4624Successful logon
4625Failed logon
4688New process
4720Account created
4728Added to group
1102Audit log cleared!
IR Phases (PICERL)
PPreparation
IIdentification
CContainment
EEradication
RRecovery
LLessons Learned
Logon Types
2Interactive (console)
3Network (SMB)
4Batch (scheduled)
5Service
10RDP (lateral move!)
11Cached interactive
Never give up, never underestimate yourself, practice makes a man perfect.
Nazim Ahmed's Mantra