SOC Incident Toolkit
Security operations toolkit — IP reputation, phishing detection, DoS testing, VPN grading, and email analysis.
SOCRadar SOC Incident Toolkit is a free collection of security operations utilities designed for analysts who need fast answers during alert triage and incident response. The toolkit includes IP reputation and geolocation lookup, phishing URL and brand impersonation detection, VPN and proxy endpoint identification, email security posture grading (SPF, DKIM, DMARC, BIMI), email header analysis and threat classification, and a denial-of-service resilience tester. Each tool draws on SOCRadar's threat intelligence feeds and partner data sources, returning context-enriched results within seconds. No account, API key, or software installation is required. The suite is built for overworked SOC analysts who need to quickly determine whether an IP, URL, email, or domain is malicious before escalating or closing a security alert.
IP Reputation
Instantly check any IP address for malicious activity, botnet hosting, and geolocation context.
Phishing Radar
Detect active phishing sites targeting your brand using multi-source threat intelligence.
Email Security Grader
Evaluate SPF, DKIM, DMARC, BIMI, and mail-domain security posture.
Email Threat Analyzer
Analyze suspicious email headers and attachments for spoofing, phishing, and malware indicators.
VPN Radar
Identify exposed VPN endpoints and assess external risk signals.
DoS Resilience
Test your domain and infrastructure against denial-of-service resilience checks.