Security Onion Sysmon Dashboards
Рет қаралды 3,184
Жыл бұрынIn this demonstration, I'll be covering Security Onion Sysmon dashboards and how we may use Sankey diagrams to hunt across various different datasets. Although the simulated attackers bypassed Windows defender and exploited a vuln service we can use Security Onion to uncover their tracks and make them cry!!
Educational purposes only, please!!
#Sliver C2
#Security Onion
#exploit
Credit:
github.com/BishopFox/sliver
securityonionsolutions.com/
www.proxmox.com/en/
@Delexjarkol Жыл бұрын
Hi bro, I have installed correctly Security Onion, but I am not able tu configure correctly Sysmon for visualizate the logs in the dashboards, I get imported the dashboards but the logs never arrived, I tried check firewall etc, but nothing... Also I installed Kibanna and Elasticsearch, and in the windows DC winlogbeat for send the logs to ELK but nothing, could u make a tutorial from 0 to install that infraestructure? I will apreciate so much.... Best regards!!!
@cyberlabz Жыл бұрын
Hello. It sounds like you're using Security Onion setup and a completely different ELK stack, two different SIEM'S. Is this correct?
@Delexjarkol Жыл бұрын
@@cyberlabz Thats correct, I tried using ELK first to visualizate the Domain Controller logs but not got it, and after I tried Security Onion and Nothing again.
@cyberlabz Жыл бұрын
@@Delexjarkol Try watching this video and see if this helps. If not, please let me know. kzbin.info/www/bejne/jquQaKJ6p7-Xh7s
@nathaliabielser5370 Жыл бұрын
🙂 promosm