Brute force detection with exponential-decay pressure scoring, 57 service rules, 8 firewall backends, GeoIP enrichment, and multi-channel alerting
Updated Apr 24, 2026 - Shell
Lightweight SSH brute-force analyzer. Detects threats in authentication logs, classifies severity, exports blocklists for fail2ban with NO external dependencies.
A robust Python-based real-time activity monitoring toolkit for defense (Blue Team) operations. Features configurable detection for SSH brute-force, sensitive resource access, and suspicious keywords, with JSON/log alerting, simulated input for testing, and customizable rules for live gameplay in cybersecurity.
Lightweight security log analysis engine built with Spring Boot. LogPulse automates threat detection for brute-force attacks, suspicious login patterns, and account anomalies, featuring a clean, minimalist web dashboard for real-time security insights.
This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.
Python-based SOC tool for detecting SSH brute-force attacks from authentication logs with IP classification and mitigation suggestions.
Brute force attack detection using SSH logs and Fail2Ban with real-world simulation and mitigation.
Python script to detect brute force SSH login attempts from raw logs
Real-time Linux server security dashboard — beautiful TUI with attack maps, gauges, and sparklines. Built in Rust. Zero dependencies. cargo install vigil
End-to-end SOC workflow simulating brute force detection on real Linux auth logs using Python log parsing, automated threat scoring, and Splunk SIEM dashboard visualization.
A command-line log analyzer written in C that detects brute-force login attempts by analyzing failed authentication logs.
Authentication log analysis tool for security assessment
Automated cybersecurity log analysis and alert system using Termux and Python — Google Certified hands-on project with SIEM, threat detection, and Blue Team tools.
Java login system with brute-force protection and attempt logging.
A comprehensive SOC lab for real-time threat detection, alerting via Telegram, and incident response using Splunk and Windows Event Logs.
CLI log anomaly detector for auth and web server logs — detects brute force, privilege escalation, and scanner behavior
🛡️ Lightweight Linux security metrics agent — deep procfs telemetry, kernel hardening audit, forensic detection, auth intelligence, and an embedded real-time analytics dashboard. Single binary. ~2MB RAM. Prometheus-native.
Advanced RDP Login Monitoring & Alert System built with Python. Detects, analyzes, and alerts suspicious Remote Desktop login attempts in real-time using Windows Event Logs. Designed for cybersecurity monitoring, SOC operations, and threat detection.
Mini SOC lab: Wazuh SIEM + Suricata IDS + Elastic Stack in Docker. Detects SSH brute-force & port scans with automated alerts and Kibana dashboard.
Access Log Correlator - Python based access log correlation tool for detecting failed login bursts with schema validation and JSON output.