Wazuh + Sysmon Detection Lab
Windows 11 Sysmon telemetry integration with Wazuh, custom detection rules, alert triage workflow and log correlation.
Brute-Force Detection Lab
Windows Security log analysis and brute-force detection using Wazuh SIEM.
Correlation of multiple failed login attempts into high-severity alerts and investigation using JSON event data.
Network Monitoring Lab
Pi-hole DNS analysis, Suricata IDS, traffic inspection and alert tuning.
Suricata IDS + PCAP Triage
Custom Suricata rules, EVE JSON analysis, suspicious traffic investigation and packet-level triage using Wireshark.
Phishing Analysis Sandbox
Isolated VM detonation, URL and JavaScript inspection, IOC extraction, network traffic monitoring and structured incident reporting.
Docker Security Lab
Nginx log monitoring, Fail2Ban brute-force simulation and incident detection.