Loadingβ¦
Show the hidden incidents in this room (spoiler)
Why SOC Hub
Real-world incidents
Every room has hand-planted attacks β brute force, lateral movement, BEC, MFA fatigue, token theft. Find them like a real analyst.
Zero install
DuckDB-WASM runs the full SQL engine in your browser. No accounts to create, no software to install, no Azure subscription required.
Practice β production
The query you write here works against your real Microsoft Sentinel or Splunk workspace. Same syntax, same UI, real data.
(Production mode rolling out β see Pricing)
Built for L1 β L3
58 verified challenges across SIEM, email gateway, cloud identity, and modern phishing (AiTM, OAuth consent, quishing, TOAD, VEC). Basic β Expert progression with CTEs, window functions, z-scores. KQL transpiler. Grow in one tool.
πΊοΈ Your Learning Path
Four themed rooms Β· 58 hand-built challenges Β· progress saves in your browser
Pricing
Indian-friendly. Build skills before you pay.
Free
- All 4 themed rooms
- 84 categorized sample queries
- Browser-only β no signup needed
- Save up to 5 queries (with login)
- Auto-verified challenge answers
You are here β
Student
- Everything in Free
- Unlimited saved queries
- Score history & badges
- 50% off with .edu / Techclick alumni email
- New rooms every month
Pro
- Everything in Student
- Production mode β connect your own Sentinel / Splunk
- Run alerts on a schedule (CF Cron)
- Webhook actions on hits
- Sigma rule import / export
Team
- Everything in Pro
- Class rooms & leaderboards
- Custom datasets (upload your own logs)
- Admin console + bulk enrollment
- Priority support
Email [email protected]