hiurydemunerdev/SOC-LabWazuh

GitHub: hiurydemunerdev/SOC-LabWazuh

Stars: 0 | Forks: 0

![Wazuh](https://img.shields.io/badge/Wazuh-SIEM-blue) ![Ubuntu](https://img.shields.io/badge/Ubuntu-Server-orange) ![Kali](https://img.shields.io/badge/Kali-Linux-blue) ![SOC](https://img.shields.io/badge/Blue-Team-blue) ![MITRE](https://img.shields.io/badge/MITRE-ATT%26CK-red) ![Status](https://img.shields.io/badge/Status-Active-success)

# SOC-Lab-Wazuh

Blue Team SOC laboratory focused on threat detection, incident response and attack simulation using Wazuh SIEM.

# Laboratory Architecture

![Architecture](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/59100b55d7143256.png)

This laboratory was built using:

- Wazuh SIEM
- Ubuntu Server
- Kali Linux
- VirtualBox
- Fail2Ban
- SSH
- MITRE ATT&CK

# Simulated Attack Scenarios

- SSH brute force attack
- Port scanning detection
- IOC detection
- Incident response
- Attacker containment
- Privilege escalation monitoring
- Threat hunting
- MITRE ATT&CK correlation

# SOC Capabilities Demonstrated

- SIEM Monitoring
- Detection Engineering
- Threat Hunting
- Incident Response
- Log Analysis
- Linux Administration
- Network Security
- Attack Timeline Reconstruction

# Dashboard Overview

![Dashboard](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/495ffbd080143301.png)

The dashboard includes:

- SSH authentication failures
- MITRE ATT&CK events
- Alert severity distribution
- Incident timeline reconstruction
- Event classification
- Threat monitoring

# Screenshots

Screenshots available inside: /screenshots

# Author

Hiury Demuner
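# Example: SSH brute force detection logic

The first scenario in the lab is an SSH brute force attack detected from the server's authentication failures and then contained. The script below is an added illustration of the detection step, not code from the SOC-LabWazuh repository: it parses constructed `sshd` log lines in the format Ubuntu writes to `/var/log/auth.log`, counts "Failed password" events per source IP inside a sliding time window, and raises one alert per source once a threshold is crossed. This is the same frequency-based logic a Wazuh rule or a Fail2Ban jail applies; the threshold, window, log lines and IP addresses are all assumptions chosen for the example, and the ATT&CK tag `T1110` (Brute Force) is attached so the alert can be correlated the way the dashboard does.

```python
"""Toy SSH brute force detector over constructed auth.log lines.

Added example for the SOC-Lab-Wazuh README; it is not part of the
repository or of Wazuh. Threshold, window and sample data are assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in the syslog format sshd uses on Ubuntu Server.
# 192.0.2.10 fails five times in a few seconds (brute force); 198.51.100.7
# is a legitimate user with one success and two widely spaced typos.
SAMPLE_AUTH_LOG = """\
Jun 10 12:00:01 ubuntu-server sshd[1201]: Failed password for invalid user admin from 192.0.2.10 port 51234 ssh2
Jun 10 12:00:03 ubuntu-server sshd[1203]: Failed password for root from 192.0.2.10 port 51236 ssh2
Jun 10 12:00:04 ubuntu-server sshd[1205]: Failed password for invalid user test from 192.0.2.10 port 51238 ssh2
Jun 10 12:00:06 ubuntu-server sshd[1207]: Failed password for root from 192.0.2.10 port 51240 ssh2
Jun 10 12:00:07 ubuntu-server sshd[1209]: Failed password for invalid user oracle from 192.0.2.10 port 51242 ssh2
Jun 10 12:00:09 ubuntu-server sshd[1211]: Accepted password for hiury from 198.51.100.7 port 40000 ssh2
Jun 10 12:05:00 ubuntu-server sshd[1220]: Failed password for hiury from 198.51.100.7 port 40002 ssh2
Jun 10 12:30:00 ubuntu-server sshd[1230]: Failed password for hiury from 198.51.100.7 port 40004 ssh2
"""

# Matches only failed password attempts; "invalid user" is optional because
# sshd omits it when the account exists.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_failed_logins(text, year=2026):
    """Return (timestamp, source_ip, username) for each failed login line.

    syslog timestamps carry no year, so the caller supplies one (assumed).
    """
    events = []
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"]))
    return events


def detect_brute_force(events, threshold=5, window_seconds=60):
    """Sliding-window count of failures per source IP.

    An alert is emitted the first time an IP reaches `threshold` failures
    inside `window_seconds`; later failures from the same IP do not
    re-alert, which keeps the SIEM from flooding during a long attack.
    """
    recent = defaultdict(deque)
    alerted = set()
    alerts = []
    for ts, ip, user in sorted(events):
        window = recent[ip]
        window.append(ts)
        # Drop failures that fell out of the window.
        while window and (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold and ip not in alerted:
            alerted.add(ip)
            alerts.append({
                "src_ip": ip,
                "count": len(window),
                "first_seen": window[0],
                "last_seen": ts,
                "mitre_technique": "T1110",  # ATT&CK Brute Force
                "suggested_action": "contain source with Fail2Ban / firewall",
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_brute_force(parse_failed_logins(SAMPLE_AUTH_LOG)):
        print(alert)
```

Run it as-is to see the single alert for `192.0.2.10`; the two failures from `198.51.100.7` are 25 minutes apart and never reach the threshold, which is the distinction a tuned rule has to make to avoid locking out legitimate users. Tightening `threshold` or widening `window_seconds` trades false positives for faster containment, exactly the knobs exposed by a Wazuh frequency rule or a Fail2Ban `maxretry`/`findtime` pair.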