E-Man
CICyber Info
•Created by Gamerboy on 4/21/2024 in #❓︱support-requests
FOR A PROJECT
Are you sure Suricata is forwarding logs to Wazuh? It's been a little while since I've used the tools, but generally with detections there are 3 possible issues:
Telemetry - Are you receiving the logs in the correct location?
Taxonomy - Are the logs correctly tagged and processed?
Logic - Is the rule logic correct?
15 replies
CICyber Info
•Created by Gamerboy on 4/21/2024 in #❓︱support-requests
FOR A PROJECT
Devil is in the details, can you show me the rule?
15 replies
CICyber Info
•Created by MD on 3/4/2024 in #❓︱support-requests
Help With My Dissertation Project.
Map it to MITRE, explain the Anti-Virus mitigation control
6 replies
CICyber Info
•Created by MD on 3/4/2024 in #❓︱support-requests
Help With My Dissertation Project.
I think the only resource I can recommend on this Discord is Caldera; deploy a C2 agent and do it that way. That'd class as malware.
Specifically virus resources... write your own in Go. That way you can talk about what the antivirus software is supposed to detect vs what it actually did.
6 replies
CICyber Info
•Created by MD on 3/4/2024 in #❓︱support-requests
Help With My Dissertation Project.
💀 Write your own malware, man, but don't do it on your own machine. Spin up a hardened virtual machine to do this on.
6 replies