S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable.
S1EM is a SIEM with SIRP and Threat Intel, a full packet capture, all in one.
Inside the solution:
Note: Cortex v3.1 use ELK connector and the OpenCTI v4 connector
Solution works with Linux, docker, and docker-compose.
For auditbeat, you must have Kernel in the version 5.
On Linux, you must have in the “/etc/sysctl.conf” the line:
vm.max_map_count=262144
You must have:
log in to your system as « root »
git clone https://github.com/V1D1AN/S1EM.git
cd S1EM
After, run the command:
bash 01_deploy.sh
On Linux, add this entry in your /etc/hosts file to access to this solution ( change s1em.cyber.local with the hostname entered during installation ).
vi /etc/hosts
XXX.XXX.XXX.XXX s1em.cyber.local
On Windows, add this entry in your hosts file to access to this solution ( change s1em.cyber.local with the hostname entered during installation ).
notepad C:\Windows\System32\drivers\etc\hosts
XXX.XXX.XXX.XXX s1em.cyber.local
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…