ArthurL1123/SoC-project — reverse-engineered prompt
Reverse engineered prompt
Build me a hands on SOC analyst portfolio project that feels like a small real Security Operations Center. I want it centered around a live SIEM dashboard that pulls together alerts from Suricata, Snort, and a Cowrie honeypot, then shows useful visuals in Kibana so someone can quickly see scans, suspicious traffic, and brute force login attempts. Please include the setup and documentation, a few simple Python or Bash helper scripts where they make sense, sample threat hunting queries mapped to MITRE ATT and CK, and a few incident response playbooks for common alerts.
I also want it to read like a portfolio piece for an undergraduate or entry level SOC role, so add clear evidence of simulated detections such as port scans, ICMP or TCP alerts, and failed SSH logins, with screenshots or placeholders and short explanations of what happened and why it matters. Keep the repo clean and easy to follow. You can look up current docs online if needed.
Want more depth? Deep Reverse