Skip to content

yogigodaraa/SOCShield

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
.github/workflows
.github/workflows
 
 
backend
backend
 
 
config
config
 
 
docs
docs
 
 
frontend
frontend
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
.vercelignore
.vercelignore
 
 
DIRECTORY_STRUCTURE.md
DIRECTORY_STRUCTURE.md
 
 
INTEGRATION_COMPLETE.md
INTEGRATION_COMPLETE.md
 
 
INTEGRATION_GUIDE.md
INTEGRATION_GUIDE.md
 
 
INTEGRATION_SUCCESS.md
INTEGRATION_SUCCESS.md
 
 
LICENSE
LICENSE
 
 
PROJECT_STRUCTURE.md
PROJECT_STRUCTURE.md
 
 
QUICK_START_NOW.md
QUICK_START_NOW.md
 
 
README.md
README.md
 
 
START_HERE.md
START_HERE.md
 
 
commit-message.txt
commit-message.txt
 
 
package.json
package.json
 
 
setup-and-start.sh
setup-and-start.sh
 
 
start-both.sh
start-both.sh
 
 
start-services.sh
start-services.sh
 
 
stop-services.sh
stop-services.sh
 
 
test-integration.sh
test-integration.sh
 
 

Repository files navigation

SOCShield

AI-driven phishing detection & response for Security Operations Centers.

What it does

Monitors inboxes (IMAP/SMTP), runs each incoming email through an LLM for phishing classification, extracts Indicators of Compromise (malicious domains, URLs, IPs), and optionally quarantines or blocks the threat automatically. Integrates with existing SOC workflows via REST API and can feed alerts to SIEM.

Supports three AI providers (switchable): Google Gemini 2.5, OpenAI GPT-4, Anthropic Claude 3. Real-time dashboard shows threat feed, IOCs, and system health.

Tech stack

Backend (backend/) — Python 3.11+

  • FastAPI
  • PostgreSQL 15+
  • Redis (caching)
  • Celery (task queue)
  • JWT auth + rate limiting
  • Swagger / OpenAPI docs

Frontend (frontend/) — Next.js 14

  • Tailwind CSS
  • Recharts (real-time visualization)

Getting started

npm run install:all          # installs frontend + backend deps
npm run dev:both             # backend (8000) + frontend (3000)

Or run them separately:

npm run dev:backend
npm run dev:frontend

Test integration:

./test-integration.sh

See QUICK_START_NOW.md and INTEGRATION_GUIDE.md for full setup.

Project structure

backend/           FastAPI app, Celery workers, DB models
frontend/          Next.js dashboard
config/            Shared config
scripts/           Service start/stop scripts
docs/              Architecture + integration guides

Status

Active. Backend–frontend integrated. Self-reported detection stats: ~95% accuracy, ~19s detection time. MIT license declared in package.json; no top-level LICENSE file yet.

About

Autonomous AI phishing detection & response for SOCs — multi-provider LLM classification, IOC extraction, real-time dashboard.

soc-shield-cyan.vercel.app

Topics

python ai nextjs gemini cybersecurity openai soc threat-detection phishing-detection fastapi security-operations-center anthropic

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Contributors

Languages