Cybersecurity SOC RAG RAG Tools

Tools for security operations center (SOC) automation, incident response, and threat analysis using RAG. Focuses on SIEM integration, log analysis, security questionnaires, and cyber threat intelligence. Does NOT include general security tools without RAG, non-SOC cybersecurity applications, or drone/network-level security systems without SOC operations context.

There are 87 cybersecurity soc rag tools tracked. 3 score above 50 (established tier). The highest-rated is LLAMATOR-Core/llamator at 59/100 with 201 stars.

Get all 87 projects as JSON

curl "https://pt-edge.onrender.com/api/v1/datasets/quality?domain=rag&subcategory=cybersecurity-soc-rag&limit=20"

Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.

#	Tool	Score	Tier	Stars	Language
1	LLAMATOR-Core/llamator Red Teaming python-framework for testing chatbots and GenAI systems.	59	Established	201	Python
2	sleeepeer/PoisonedRAG [USENIX Security 2025] PoisonedRAG: Knowledge Corruption Attacks to...	55	Established	242	Python
3	kelkalot/simpleaudit Allows to red-team your AI systems through adversarial probing. It is...	50	Established	6	Python
4	JuliusHenke/autopentest CLI enabling more autonomous black-box penetration tests using Large...	47	Emerging	43	Python
5	SecurityClaw/SecurityClaw A modular, skill-based autonomous Security Operations Center (SOC) agent...	45	Emerging	126	Python
6	AI-secure/AgentPoison [NeurIPS 2024] Official implementation for "AgentPoison: Red-teaming LLM...	43	Emerging	203	Python
7	AnubhavChoudhery/cybersec-scanner A comprehensive, modular security scanning toolkit for detecting secrets,...	42	Emerging	2	Python
8	taladari/rag-firewall Client-side retrieval firewall for RAG systems — blocks prompt injection and...	41	Emerging	17	Python
9	rohansx/cloakpipe Privacy middleware for LLM & RAG pipelines - consistent pseudonymization,...	41	Emerging	14	Rust
10	olegnazarov/rag-security-scanner RAG/LLM Security Scanner identifies critical vulnerabilities in AI-powered...	40	Emerging	62	Python
11	CaviraOSS/SecuPrompt Protect your AI from Prompt Injection	39	Emerging	11	TypeScript
12	olegnazarov/llm-fortress Enterprise AI Security Platform - Real-time firewall protection for LLM...	38	Emerging	23	Python
13	clab60917/RAG-LLM-SOC_analyst SOC Analyst Level 1 Replacement using RAG LLM	37	Emerging	27	Python
14	LauJames/Topic-FlipRAG [USENIX Security 2025] Topic-FlipRAG: Topic-Orientated Adversarial Opinion...	36	Emerging	10	Jupyter Notebook
15	toxy4ny/redteam-ai-benchmark Red Team AI Benchmark: Evaluating Uncensored LLMs for Offensive Security	36	Emerging	27	Python
16	Har1sh-k/SecLint A Python-based AI agent for detecting insecure code patterns in Python...	31	Emerging	2	Python
17	HydroXai/pii-masker PII Masker is an open-source tool for protecting sensitive data by...	31	Emerging	157	Jupyter Notebook
18	jone0709/Securing-AI-ML-Maturity-Model AI Operations Security Maturity Model and toolkit to secure AI/ML...	30	Emerging	1	—
19	Curtis-Thomas/junction-sentinel Junction Sentinel is a secure, multi-agent system designed to address drone...	28	Experimental	1	TypeScript
20	prompt-security/RAG_Poisoning_POC Stealthy Prompt Injection and Poisoning in RAG Systems via Vector Database Embeddings	27	Experimental	12	Python
21	sandipkatel/Unified-InfoSec-QnA-Assistant A full-stack RAG based AI-powered system to help InfoSec teams efficiently...	27	Experimental	2	JavaScript
22	StruggleY/Fo-Sentinel-Agent 企业级安全智能研判平台-多 Agent 协同与 Supervisor-Worker 深度思考架构驱动，集成全链路...	27	Experimental	3	Go
23	javidahmed64592/cyber-query-ai Ollama-powered cybersecurity assistant for ethical penetration testing and...	26	Experimental	1	TypeScript
24	bx0-0/CyberVisionAI Cyber Vision AI is an award-winning, open-source AI assistant for...	26	Experimental	4	Python
25	scthornton/ai-security-analyst-rag Build an AI Security Analyst Assistant with RAG! LEARN FROM SCRATCH	25	Experimental	2	Jupyter Notebook
26	musabdulai-io/llm-production-safety-scanner CLI tool for testing production safety controls in LLM/RAG apps - prompt...	25	Experimental	2	Python
27	Privalyse/privalyse-mask Semantic PII Masking & Anonymization for LLMs (RAG). GDPR-compliant,...	25	Experimental	2	Python
28	gbikram/ThreatIntelRAG Experimental RAG that consumes Cyber Security articles via RSS	25	Experimental	4	Jupyter Notebook
29	cisco-ai-defense/adversarial-hubness-detector Scanner for adversarial hubs in RAG and vector databases	25	Experimental	5	Python
30	HyeonjeongHa/MM-PoisonRAG Official PyTorch implementation of "MM-PoisonRAG: Disrupting Multimodal RAG...	25	Experimental	12	Python
31	deconvolute-labs/benchmarks Reproducible security benchmarking for the Deconvolute SDK and AI system...	25	Experimental	2	Python
32	scthornton/semantic-chameleon Dual-Stage Temporal Poisoning Attack on RAG Systems	25	Experimental	2	Python
33	Zyrabit-tech/zyrabit-SLM Sovereign AI Infrastructure for Enterprise RAG. Zero-Trust PII Sanitization,...	24	Experimental	1	Python
34	Cyberfortress-Labs/Cyberfortress-Intelligent-SOC-Ecosystem An Intelligent SOC Ecosystem that integrates SIEM, SOAR, and SmartXDR to...	24	Experimental	4	Shell
35	DonkeyKing01/SCSI-SLM-EV-Design Official implementation of the SCSI-SLM framework for translating EV...	23	Experimental	1	Python
36	uuluul/AI-autonomous-SOC AI-powered autonomous SOC pipeline featuring hybrid log ingestion,...	23	Experimental	2	Python
37	byerlikaya/Septum Privacy‑first AI middleware that anonymizes PII locally and only sends...	23	Experimental	2	Python
38	McKern3l/RAGdrag-labs Test lab for RAGdrag — vulnerable RAG target, sample results, and test suite	23	Experimental	1	Python
39	mishabar410/RAGLeakLab Deterministic security testing for RAG pipelines: measure retrieval-induced...	23	Experimental	2	Python
40	gypark94/RAGprompt Anomaly detection using RAG	23	Experimental	17	Python
41	Jeremy0219/cloudguard-rag AI-powered RAG pipeline for querying cloud security frameworks using Azure...	22	Experimental	1	Python
42	MartinMilevVenelinova/rag-copilot-it-security Internal RAG copilot for Helpdesk/SecOps: cited answers, strict “not found”...	22	Experimental	1	Python
43	SidereusHu/RAG-Shield Defense-in-depth security framework for RAG systems: poison detection,...	22	Experimental	1	Python
44	45ck/llm-agent-security-skills LLM and agent security skill pack for prompt injection, tool permissions,...	22	Experimental	—	Shell
45	112ab0058/ray PromptGuard Research \| AI Security & RAG Defense	22	Experimental	—	Python
46	julienmerconsulting/rag-poisoning-demo 🧪 5 faux documents suffisent pour corrompre 80% des réponses d'un RAG. Démo...	22	Experimental	—	Python
47	Kelvin295/cloakpipe Protect LLM data by detecting, masking, and unmasking personal information...	22	Experimental	—	Rust
48	stlin256/FraudSMS_RAG_Shield 融合大模型推理与RAG检索增强的诈骗短信甄别系统	21	Experimental	4	Python
49	brittytino/cyber-sop-assistant A fully local Cybercrime SOP assistant for India, combining a FastAPI...	21	Experimental	3	Python
50	ayinedjimi/SOC-Assistant RAG-Powered SOC Assistant - By Ayi NEDJIMI	21	Experimental	—	Python
51	Laav0808/cybersecurity-rag-assistant RAG-powered cybersecurity knowledge assistant using LangChain, Weaviate, and...	21	Experimental	—	Python
52	OpenAgenticOS/asb-security-schema A unified security event schema for LLM, RAG, and Agent applications.	20	Experimental	1	Python
53	nimad70/VulRAG Investigating the vulnerability of Large Language Models (LLMs) to...	19	Experimental	4	Jupyter Notebook
54	Sai-Chakradhar-Mahendrakar/SOC-Analyst-Automation-using-RAG-Model SOC Analyst Automation using a RAG model integrates a knowledge retrieval...	19	Experimental	4	JavaScript
55	Sumukha87/aia-auditor AI RAG system for cloud security auditing — Qwen 2.5 7B via Ollama, Qdrant...	17	Experimental	1	Python
56	Dhy4n-117/AI_SOC_Analyst A privacy-first, local AI assistant for SOC analysts and threat hunters....	17	Experimental	—	HTML
57	Cyberfortress-Labs/cyberfortress-labs.github.io A unified intelligent SOC ecosystem where SIEM, SOAR, OpenXDR, Threat...	17	Experimental	—	HTML
58	laricko/prompt-guard Prompt-safety guards as a Python library. TF-IDF, RAG, LLM as a judge pipeline	16	Experimental	4	Python
59	MadDataQualcommHackathon/SentinelAI Enterprises in legal, defense, and finance cannot use AI on their most...	15	Experimental	—	Python
60	r00tb3/RAG-Poisoning-Lab RAG Poisoning Lab — Educational AI Security Exercise	15	Experimental	8	Python
61	thiagov21/squad-sentinela AI workflow automation platform using agents and RAG to transform...	14	Experimental	—	Python
62	HameshTiwari/Secure-AI-Financial-Auditor Enterprise GenAI framework implementing architectural guardrails and PII...	14	Experimental	—	—
63	ducwuyy/DocSentinel Detect security risks in documents and questionnaires using automated...	14	Experimental	—	HTML
64	Arthurfert/SecLLM-Gen Offensive & Defensive cybersecurity LLM application	14	Experimental	1	Python
65	bhattaraisubal-eng/RAG-poisoning A simple experiment on how RAG poisoning attack propagates through a...	13	Experimental	—	Python
66	cyber-evangelists/threat-mon-rag Threat Mon Rag to Demonstrate the Rag for security researchers.	13	Experimental	—	Python
67	aliozen0/sentinel-io Decentralized compute orchestration using AI agents (FastAPI, Next.js, RAG)....	13	Experimental	—	TypeScript
68	agloriousli/SentinelAI A security-focused Agent that ingests raw security logs, uses RAG to query...	13	Experimental	—	Go
69	MAEN1-prog/CVE-2025-2304 🛠️ Exploit CVE-2025-2304 in Camaleon CMS easily with this Python script for...	13	Experimental	—	Python
70	fartlover37/CVE-2026-2441-PoC Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome...	13	Experimental	—	—
71	YangYang-Research/whale-sentinel-controllers The Whale Sentinel Controllers	13	Experimental	—	—
72	ChangYeongJeong1103/prompt-injection-gatekeeper Multi-stage prompt injection detection pipeline for RAG-based LLM agents	13	Experimental	—	Python
73	urcuqui/rag-poisoning-lab A hands-on security lab demonstrating how to poison a Retrieval-Augmented...	13	Experimental	2	Jupyter Notebook
74	ReaperZ0v/sentinel-ai A RAG implementation concept for law enforcement to search through their...	13	Experimental	—	Python
75	michealimuse777/Sentinel-Bot-Showcase Sentinel: A Level 4 Autonomous Discord Agent. Features RAG-powered web...	13	Experimental	—	—
76	404godd/CVE-2026-20841-PoC 🛠 Demonstrate remote code execution in Windows Notepad versions below...	13	Experimental	—	—
77	hamzamalik3461/CVE-2026-20841 🛠 Demonstrate remote code execution in Windows Notepad via markdown links...	13	Experimental	—	—
78	Ravi0529/isea-rag-attack-classification Pipeline converts raw logs into structured session intelligence and maps...	13	Experimental	—	Jupyter Notebook
79	mizazhaider-ceh/Prime-PenTrix AI Cybersecurity Learning Platform. Features Hybrid RAG (pgvector + BM25),...	13	Experimental	—	TypeScript
80	danifeb94/ai-log-hunter 🛡️ AI Log Hunter v5.2 \| Advanced Local RAG & Hybrid OCR (Llama 3 +...	13	Experimental	—	Python
81	ddihora1604/FINAL_year_project A whitebox LLMOps framework designed to enhance security and transparency in...	13	Experimental	—	—
82	butlerem/vulnerability-scanner-UniXcoder-RAG AI-powered browser-based vulnerability scanner using UniXcoder embeddings...	13	Experimental	7	TypeScript
83	MuhamedAyoub/RealTime-RAG-CyberSecurity_Analyst A Retrieval-Augmented Generation (RAG) system for automating Security...	12	Experimental	4	Jupyter Notebook
84	jawadhussein462/Awesome-Rag-Attacks A research framework for implementing and evaluating poisoning attacks on...	12	Experimental	3	Python
85	CyberSecAI/CWE-Expert A CWE-Expert can be built for free in a browser in less than 1 minute using...	12	Experimental	1	Jupyter Notebook
86	Cyberfortress-Labs/Cyberfortress-RAG-LLM The RAG (Retrieval-Augmented Generation) system optimized for the...	12	Experimental	1	Python
87	KnightChaser/MITREAttackRagger A simple RAG demonstration ATT&CK CTI(Cyber Threat Intelligence) information	11	Experimental	3	Jupyter Notebook

Comparisons in this category

llamator and redteam-ai-benchmark (59 vs 36)