SUDOSOC
Your complete SOC and red team workspace — browser-native, offline-first, no account required. Nothing leaves your machine.
141 Tools
·
Zero Telemetry
·
Offline-First
0 tools
·
0 runbooks
·
0 categories
·
$0 forever
🗺️ Full sitemap — 35 pages
The Platform
Four operational zones.
One unified platform.
🛡
Blue Team
Defense & Detection
Dedicated defensive tooling for threat detection, coverage mapping, and blue team operations — from MITRE ATT&CK to multi-SIEM Sigma rule export.
- ATT&CK Navigator — full matrix coverage tracker
- Sigma Builder — export to Splunk SPL, Sentinel KQL, QRadar AQL
- MITRE Log Simulator — realistic Windows & Linux log generation
- Threat Intelligence Hub — 50+ curated TI feeds
- 21 Playbooks — IR, Threat Hunt, DFIR, SOC Ops & Pentest
- IOC Extractor, CVSS Calculator, Pivot Links
5 dedicated pages · 15 SOC tools
⚔️
Red Team
Offense & Simulation
Purpose-built offensive tools for red team operations — attack simulation, infrastructure design, and structured engagement logging with MITRE tagging.
- Attack Chain Visualizer — 14-tactic kill chain builder
- Attack Path Mapper — visual AD lateral movement canvas
- C2 Architect — build infra & generate Nginx/HAProxy configs
- Red Team Log — MITRE-tagged engagement timeline
- Reverse Shell Builder, YARA Rule Builder, SQLi payload gen
- Web security tools: XSS, SSRF, XXE, path traversal
4 dedicated labs · 20+ offensive tools
📚
Learn
Knowledge & Growth
A complete learning hub for security professionals at every level — career roadmaps, cert prep, interview practice, quizzes, and Linux/Windows artifact references.
- Career Roadmaps — SOC, Pentest, DFIR, Cloud Security
- Cert Study Guides — Security+, CEH, OSCP, CISSP, CySA+, eJPT
- Interview Prep — 29 Q&A with detailed answers by role
- Security Quiz — 62 questions, 3 difficulty levels
- Linux & Windows Forensic Artifact References
- 114-term Glossary · Resources · Shortcuts reference
8 knowledge pages · 21 playbooks
📡
RF & Hardware
Signal Intelligence
Organized offline reference for Software Defined Radio and hardware hacking — the only platform that covers HackRF, BladeRF, and ALFA all in one place, offline.
- Hardware specs — HackRF One, BladeRF, RTL-SDR, Flipper Zero, Proxmark
- 24+ frequencies — GPS, ADS-B, ISM, Bluetooth, Wi-Fi, POCSAG
- Full HackRF command cheat sheet — capture, replay, sweep
- ALFA Wi-Fi attack commands — monitor mode, WPA2, evil twin
- 13 protocol security breakdowns with known vulnerabilities
- 10 RF attack techniques — replay, jamming, RFID cloning
1 dedicated vault · works 100% offline
Built-in Power
Platform features, always on.
No install, no account, no internet required — active on every page.
⌨️
Global Command Palette
Fuzzy-search all 141 tools and every page instantly. Jump anywhere without touching the mouse.
Press Ctrl+K anywhere
📝
Investigation Notepad
Persistent floating notepad for capturing findings mid-investigation. Survives page reloads via localStorage.
Press Alt+N on any tools page
🔗
Pivot Links
Auto-detects IPs, domains, hashes, and URLs in tool output — turns them into one-click pivot links to VirusTotal, Shodan, and more.
Active in all tool outputs
🟢
Offline Mode Indicator
Always-visible status dot shows your connectivity state. Every tool works 100% offline — no silent failures.
Always visible in the nav bar
🧪
MITRE Log Simulator
Generate realistic Windows Event Logs and Linux auth logs mapped to 11 ATT&CK techniques for training and detection testing.
📂
Linux Artifact Reference
55+ Linux forensic artifacts across 8 categories — file paths, log locations, persistence mechanisms — all click-to-copy.
🔎
Multi-SIEM Sigma Export
Build one detection rule and export to Splunk SPL, Microsoft Sentinel KQL, and IBM QRadar AQL simultaneously.
📡
RF & SDR Vault
The only platform covering HackRF, BladeRF, RTL-SDR, ALFA Wi-Fi, Flipper Zero, and Proxmark in one searchable offline reference.
Built Right
Why security people trust it.
01 / ARCHITECTURE
📦
Offline-First PWA
Every tool runs 100% in the browser. Service Worker caches the entire platform — use it on an air-gapped machine, on a flight, inside a lab with no internet. Nothing requires a server.
Service Worker · Cache-first · PWA installable
02 / PRIVACY
🔒
Zero Telemetry
No analytics. No trackers. No external requests. A strict Content Security Policy (
connect-src 'none') blocks every outbound connection at the browser level — verified, not just promised.CSP · connect-src 'none' · localStorage only
03 / OPENNESS
🔓
Open Source
Every line of code is on GitHub. Audit it, fork it, self-host it, contribute to it. No vendor lock-in, no license, no subscription. Built by a security practitioner, for security practitioners.
MIT License · Pure HTML/CSS/JS · No frameworks
Ready to deploy
Your workbench
is waiting.
No account. No install. No cost.
Open a tool and get to work.