If you a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC (Security Operations Center) analysts to gain hands-on experience in security monitoring, alerting, and response.
On progress
Custom Wazuh decoders and rules for UniFi Network devices. Parses CEF (Common Event Format) syslog events from UniFi OS and UniFi Network applications.
Enterprise-grade solution eliminating persistent MITRE technique lookup failures affecting thousands of Wazuh installations worldwide. Fixes both UUID compatibility and obsolete rule modernization.
Small script centered on idea to keep repository with wazuh rules in git and update it automatically.
Guide explaining how to deploy the entire Threat Intelligence pipeline inside Wazuh.
In Progress Project: A lab-based SOC simulation using Wazuh SIEM/XDR to detect real-world attack scenarios including database exfiltration, credential theft, and insider enumeration across a virtualized environment.
If you a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC (Security Operations Center) analysts to gain hands-on experience in security monitoring, alerting, and response.
This repo contains comunity configured rulsets for Wazuh, to detect and respond to possible malicious gameserver events .
Wazuh Decoder and Ruleset for WAF and IDP (Easy Level)
Collection of custom Wazuh scripts, rulesets and decoders to enhance their monitoring capabilities.
An end-to-end cyber threat intelligence pipeline using Cowrie, Wazuh, and OpenSearch to capture, normalize, and visually track live SSH brute-force attacks.
SOC Home Lab with Wazuh SIEM for security monitoring, SSH attack detection, and log analysis across Windows and Linux systems
Configuration files and instructions for MVP SOC project.
just some wazuh rules for web-sites and server side detection
Wazuh Detection rules for the CL-STA-1087 threat cluster identified by Unit 42 Palo Alto, targeting Southeast Asian military organizations.
This project demonstrates end-to-end attack simulation and detection using Wazuh SIEM in a SOC environment.
This project contains custom LKRG (Linux Kernel Runtime Guard) decoders and rules for Wazuh
Add a description, image, and links to the wazuh-rules topic page so that developers can more easily learn about it.
To associate your repository with the wazuh-rules topic, visit your repo's landing page and select "manage topics."