One-command self-hosted SOC lab for Proxmox: Wazuh, TheHive, Cortex, MISP, Zeek, Suricata, and MCP servers for homelab blue-team training.
View on GitHub →
Try with Claude — $10 free →
Quick Install
Copy the config for your editor. Some servers may need additional setup — check the README.
Add to claude_desktop_config.json:
{
"mcpServers": {
"soc-stack": {
"command": "npx",
"args": [
"-y",
"lidless-labs/soc-stack"
]
}
}
}
Run in terminal:
claude mcp add soc-stack npx -y lidless-labs/soc-stack
Add to .cursor/mcp.json:
{
"mcpServers": {
"soc-stack": {
"command": "npx",
"args": [
"-y",
"lidless-labs/soc-stack"
]
}
}
}
Topics
blue-teamcortexhomelabincident-responselxcmcpmispproxmoxsecurity-labsecurity-toolsself-hostedsiemsocsuricatathehive