Practical Python tools for log analysis, threat detection, and automation.
Part of my Home SOC Lab portfolio, used in blue team, SOC, and basic incident response workflows.
- Automate repetitive security workflows
- Parse and analyze logs for suspicious behavior
- Build lightweight tools for reconnaissance and defense
- Demonstrate scripting capability in operational security
| Script Name | Description | Status |
|---|---|---|
| hello.py | Environment setup confirmation | ✅ Completed |
| log_parser.py | Parses auth logs to detect login anomalies | ✅ Completed |
| port_scanner.py | TCP port scanner using sockets | 🛠️ In progress |
| alert_trigger.py | Real-time alert on suspicious log entries | ⏳ Planned |
| auto_blocker.py | IP blocker based on brute-force detection | ⏳ Planned |
- File I/O and structured log parsing
- Modular scripting and CLI argument handling
- Regex for pattern detection (upcoming)
- Socket-based scanning (in development)
- Defensive automation via IP rules or alerts
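The following is an added example illustrating the kind of auth-log parsing and brute-force detection the table above describes (the `log_parser.py` / `auto_blocker.py` use case). It is not the repository's own code: the sshd-style log lines, host name `soc-lab`, the IP addresses (documentation ranges), the `threshold` and `min_failures` values, and all function names are constructed here for illustration. It parses `Failed password` / `Accepted` events with regex, validates the extracted IP with the standard `ipaddress` module, counts failures per source, and also flags the subtler case of a successful login that follows a burst of failures from the same address.

```python
"""Auth log parser with simple brute-force and success-after-failure detection.

Added example for a Home SOC Lab style workflow; sample data below is constructed.
"""
import ipaddress
import re
import sys
from collections import defaultdict
from typing import Dict, List

# Constructed sample auth.log excerpt (not a real capture). 203.0.113.5 sprays
# several accounts; 198.51.100.7 fails twice then succeeds; 192.0.2.10 is clean.
SAMPLE_AUTH_LOG = """\
Mar 10 12:00:01 soc-lab sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 10 12:00:03 soc-lab sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51235 ssh2
Mar 10 12:00:05 soc-lab sshd[1203]: Failed password for root from 203.0.113.5 port 51236 ssh2
Mar 10 12:00:07 soc-lab sshd[1203]: Failed password for root from 203.0.113.5 port 51237 ssh2
Mar 10 12:00:09 soc-lab sshd[1205]: Failed password for invalid user test from 203.0.113.5 port 51238 ssh2
Mar 10 12:00:11 soc-lab sshd[1205]: Failed password for invalid user oracle from 203.0.113.5 port 51239 ssh2
Mar 10 12:00:15 soc-lab CRON[1300]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 10 12:01:02 soc-lab sshd[1310]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Mar 10 12:01:05 soc-lab sshd[1310]: Failed password for alice from 198.51.100.7 port 40002 ssh2
Mar 10 12:01:09 soc-lab sshd[1312]: Accepted password for alice from 198.51.100.7 port 40003 ssh2
Mar 10 12:02:00 soc-lab sshd[1320]: Accepted publickey for bob from 192.0.2.10 port 42000 ssh2
"""

# Syslog-style prefix: "Mon DD HH:MM:SS host sshd[pid]: "
_PREFIX = r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
FAILED_RE = re.compile(
    _PREFIX + r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
ACCEPTED_RE = re.compile(
    _PREFIX + r"Accepted \S+ for (?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_auth_log(text: str) -> List[dict]:
    """Turn raw auth log text into a list of login events, in file order.

    Lines that are not sshd login outcomes (e.g. CRON) are skipped, as are
    lines whose source address does not parse as a valid IP.
    """
    events = []
    for line in text.splitlines():
        for result, pattern in (("failed", FAILED_RE), ("accepted", ACCEPTED_RE)):
            m = pattern.match(line)
            if not m:
                continue
            try:
                ip = str(ipaddress.ip_address(m["ip"]))  # reject garbage in the IP field
            except ValueError:
                break
            events.append({"ts": m["ts"], "user": m["user"], "ip": ip, "result": result})
            break
    return events


def failures_by_ip(events: List[dict]) -> Dict[str, int]:
    """Count failed logins per source IP."""
    counts: Dict[str, int] = defaultdict(int)
    for e in events:
        if e["result"] == "failed":
            counts[e["ip"]] += 1
    return dict(counts)


def detect_brute_force(events: List[dict], threshold: int = 5) -> List[dict]:
    """Flag IPs with at least `threshold` failures; list which accounts they tried."""
    users = defaultdict(set)
    for e in events:
        if e["result"] == "failed":
            users[e["ip"]].add(e["user"])
    return [
        {"ip": ip, "failures": n, "users": sorted(users[ip])}
        for ip, n in sorted(failures_by_ip(events).items())
        if n >= threshold
    ]


def detect_success_after_failures(events: List[dict], min_failures: int = 2) -> List[dict]:
    """Flag a successful login preceded by >= min_failures failures from the same IP.

    This catches a low-volume guess that eventually worked, which a pure
    failure-count threshold would miss.
    """
    failed_so_far: Dict[str, int] = defaultdict(int)
    hits = []
    for e in events:  # events are in chronological (file) order
        if e["result"] == "failed":
            failed_so_far[e["ip"]] += 1
        elif failed_so_far[e["ip"]] >= min_failures:
            hits.append({"ip": e["ip"], "user": e["user"], "prior_failures": failed_so_far[e["ip"]]})
    return hits


if __name__ == "__main__":
    # Usage: python log_parser_example.py [/path/to/auth.log]; defaults to the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_AUTH_LOG
    evts = parse_auth_log(text)
    for a in detect_brute_force(evts):
        print(f"[BRUTE FORCE] {a['ip']}: {a['failures']} failures, users={a['users']}")
    for h in detect_success_after_failures(evts):
        print(f"[SUCCESS AFTER FAILURES] {h['ip']} -> {h['user']} after {h['prior_failures']} failures")
```

The two detectors are deliberately separate: `detect_brute_force` is the input a future `auto_blocker.py` would consume (an IP and a failure count), while `detect_success_after_failures` produces an alert that should go to a human rather than a firewall rule, since it concerns an account that is now logged in.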