Skip to content

Latest commit

 

History

History
34 lines (31 loc) · 1.99 KB

README.md

File metadata and controls

34 lines (31 loc) · 1.99 KB

What is this?

Special Thanks

Course Notes

  1. https://github.com/wazuh/wazuh-ruleset/tree/master/rules
  2. https://documentation.wazuh.com/4.0/getting-started/components/wazuh_agent.html
  3. https://github.com/wazuh/wazuh-docker
  4. https://documentation.wazuh.com/4.0/docker/index.html
  5. https://documentation.wazuh.com/4.0/installation-guide/wazuh-agent/index.html
  6. https://www.pluralsight.com/courses/command-control-merlin
  7. Diagram
  8. https://localhost:8080/app/wazuh
  9. https://github.com/wazuh/wazuh-ruleset/tree/v4.0.1/decoders
  10. volumes:
    # For more context on wazuh-config-mount, please view...
    # https://documentation.wazuh.com/3.7/docker/container-usage.html#mount-custom-wazuh-configuration-files
    - './wazuh-manager-container/misc/local_rules.xml:/wazuh-config-mount/etc/rules/local_rules.xml'
    - './wazuh-manager-container/misc/ossec.conf:/wazuh-config-mount/etc/ossec.conf'
  11. https://documentation.wazuh.com/3.7/docker/container-usage.html#mount-custom-wazuh-configuration-files
  12. https://documentation.wazuh.com/4.0/user-manual/ruleset/rules-classification.html
  13. (https://documentation.wazuh.com/4.0/user-manual/reference/ossec-conf/active-response.html#location)
  14. https://github.com/zachroofsec/os-analysis-with-wazuh/blob/master/victim-container/misc/deny-invisible-process/deny-invisible-process.py
  15. https://github.com/zachroofsec/os-analysis-with-wazuh/blob/master/victim-container/misc/quarantine/quarantine.py
  16. https://zachroofsec.com

Additional Resources Slide

  1. https://wazuh.com/blog/emotet-malware-detection/
  2. https://wazuh.com/blog/monitoring-root-actions-on-linux-using-auditd-and-wazuh/
  3. https://github.com/wazuh/wazuh/wiki/Proof-of-concept-guide
  4. https://wazuh.com/blog/using-wazuh-for-windows-vulnerability-detection/
  5. https://attack.mitre.org/techniques/T1574/
  6. https://www.elastic.co/guide/en/kibana/7.9/introduction.html
  7. https://opendistro.github.io/for-elasticsearch-docs/