V1D1AN/S1EM

This is stars and forks stats for /V1D1AN/S1EM repository. As of 19 Apr, 2024 this repository has 349 stars and 73 forks.

Objectives Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM is a SIEM with SIRP and Threat Intel, a full packet capture, all in one. Inside the solution: Elasticsearch ( 1 node or Cluster ) Kibana Filebeat Logstash Metricbeat Heartbeat Auditbeat Fleet N8n Zircolite Velociraptor Spiderfoot Syslog-ng Elastalert TheHive Cortex ( With Mwdb, Capa, Yara, FileInfo, AssemblyLine ) MISP OpenCTI Arkime Suricata Zeek Mwdb Traefik Codimd Watchtower Homer Guides ❗Installation Guide Access Guide Configuration Guide Upgrade guide Detection Guide Incident Response Guide Threat Intel Guide Agent Guide Architecture Guide Troubleshooting Guide SOAR Use EDR Elastic with S1EM Use TPOT with S1EM Screenshot of S1EM Try S1EM For EVTX File, you can try S1EM (Zircolite) with EVTX-ATTACK-SAMPLES. For Pcap File, you can try S1EM (Suricata/Zeek/Mwdb) with MALWARE-TRAFFIC-ANALYSIS. Discord The serveur discord of S1EM : https://discord.gg/uFBzr8fWmC Roadmap Add OpenCVE The complete documentation SSO Interact with Lab-DFIR-SOC (https://github.com/StevenDias33/Lab-DFIR-SOC) Add Capa ( In cortex ) Add Zircolite Add Velociraptor Installation of S1EM with Ansible Integration in Secubian (https://github.com/kidrek/secubian) Integration of T-POT (https://github.com/telekom-security/tpotce) Related project https://www.elastic.co https://github.com/TheHive-Project/Docker-Templates https://github.com/jasonish/docker-suricata https://github.com/blacktop/docker-zeek https://github.com/rskntroot/arkime https://github.com/coolacid/docker-misp https://github.com/m0ns7er/ElasticXDR https://github.com/jertel/elastalert-docker https://github.com/OpenCTI-Platform/docker https://github.com/CERT-Polska/mwdb-core https://github.com/SigmaHQ/sigma https://github.com/Yara-Rules/rules https://traefik.io/ https://docs.linuxserver.io/images/docker-heimdall https://github.com/cisagov/Malcolm https://github.com/blueimp/jQuery-File-Upload https://gchq.github.io/CyberChef/ https://www.syslog-ng.com/ https://github.com/bastienwirtz/homer https://github.com/wagga40/zircolite https://github.com/weslambert https://github.com/Velocidex/velociraptor Special thanks En français cette fois. Merci à mes amis et collègues qui m´ont inspiré toutes ces années, qui m´ont aidé, et corrigé des bugs. Je pense à Kidrek, Juju, mlp1515, Wagga40, Xophidia, StevenDias33, Frak113, HiPizzaa,et tous ceux qui n´ont pas forcement de compte github. Merci à vous :) Liens github: https://github.com/kidrek https://github.com/mlp1515 https://github.com/frack113 https://github.com/StevenDias33 https://github.com/wagga40 https://github.com/xophidia Special thanks in english Thanks to @Mcdave2k1 for your pull requests Donate If this project help you reduce time to develop, you can give me a cup of coffee :)