0xSeanG / ISE5501 Public

Notifications You must be signed in to change notification settings
Fork 0
Star 3

This serves as a repository of links, configuration files, and procedures related to the ISE5501 course at SANS Technology Institute.

3 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
LICENSE		LICENSE
README.md		README.md
Windows+ATT&CK_Logging+Cheat+Sheet_ver_Sept_2018.pdf		Windows+ATT&CK_Logging+Cheat+Sheet_ver_Sept_2018.pdf
Windows+Logging+Cheat+Sheet_ver_Feb_2019.pdf		Windows+Logging+Cheat+Sheet_ver_Feb_2019.pdf
ossec.conf_modification		ossec.conf_modification

Repository files navigation

ISE5501

This serves as a repository of links, configuration files, and procedures related to my ISE5501 course at SANS Technology Institute.

Required Modification to ossec.conf on hosts
Malware Archeology Windows Logging Cheat Sheet (Archived Version). To ensure you review the most recent version, please visit [https://www.malwarearchaeology.com/cheat-sheets]
Malware Archeology Logging Cheat Sheet mapped to MITRE ATT&CK (Archived Version). To ensure you review the most recent version, please visit https://www.malwarearchaeology.com/cheat-sheets
Security Onion Sysmon Page
Archived version of the SwiftOnSecurity Sysmon Configuration File
Wazuh Agent Download
Wazuh Instalation Guide
Adding Wazuh agents to Security Onion
- Ensure you also use so-allow to allow traffic through the local firewall. There are pre-defined rules for adding OSSEC agents.
Wazuh Agent Install Directions
Security Onion Wazuh wiki page

About

This serves as a repository of links, configuration files, and procedures related to the ISE5501 course at SANS Technology Institute.

Report repository

Releases

No releases published

Packages

No packages published