Whoami
  • Welcome
  • Home Lab: C2 Detection, Ransomware Defense & YARA Automation
    • SOC Lab – What is this Lab about ?
    • Part 1 - Setting Up the Environment
    • Part 2 - Detecting C2 Activity
    • Part 3 - Credential Dumping & Threat Detection
    • Part 4 - Blocking Ransomware
    • Part 5 - Reducing False Positives
    • Part 6 - Automated YARA Scanning
  • Automation Lab - Home Project
    • Sysmon Installation
    • Wazuh & TheHive: Installation, Configuration, and Optimization
    • Tracking Mimikatz Activity with Wazuh & Sysmon Logs
    • End-to-End Alert Automation: Wazuh → Shuffle → TheHive
Powered by GitBook
On this page

Automation Lab - Home Project

This lab is designed to set up a Security Operations Center (SOC) at home using open-source tools like Wazuh, Shuffle, and TheHive to automate threat detection, response, and investigation.

PreviousPart 6 - Automated YARA ScanningNextSysmon Installation

Last updated 14 days ago

📌Requirements for our Lab

  • Wazuh Server: (Recommended for handling logs & analysis)

  • TheHive: (Increase if managing many cases)

  • Shuffle: (Sufficient for automation tasks)

  • Windows 10 Agent: (Enough for endpoint monitoring)

🔹 SOC Automation Workflow – This diagram shows how Wazuh, Shuffle, and TheHive work together to detect, analyze, and respond to security threats automatically.