Home
Services
Blog
Categories
Shop
Contact

Home
Categories
Tags
Contact

Menu

Home
Security

S1EM

16Mar

By 0x1 Security, Docker, Elasticsearch, Kibana, Comments

S1EM is a SIEM with SIRP and Threat Intel, a full packet capture, all in one.

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable.

Inside the solution:

Cluster Elasticsearch
Kibana
Filebeat
Logstash
Metricbeat
Heartbeat
Auditbeat
Syslog-ng
Elastalert
TheHive
Cortex
MISP
OpenCTI
Arkime
Suricata
Zeek
StoQ
Mwdb
Heimdall
Traefik
Clamav
Watchtower

Note: Cortex v3.1 use ELK connector and the OpenCTI v4 connector

Guides

Installation Guide
Access Guide
Configuration Guide
Upgrade guide
Detection Guide
Incident Response Guide
Threat Intel Guide
Agent Guide
Architecture Guide
Troubleshooting Guide
Screenshot of S1EM

Roadmap

: Change docker Postgres and Mysql for multi databases
: Add Spiderfoot
: Add SOAR shuffle
: Add OpenCVE
: Add Codimd
: Suppress heimdall for Homer
: The complete documentation
: Upgrade to elastalert2
: SSO
: Interact with Lab-DFIR-SOC
: Add Capa

Download

Share this post

Comments

PREV NEXT

Translation

TRANSLATION

Online Tools

WebRTC Detection

Your IP:
Your Location:
Your Provider:
Tor Exit Node:
Your OS:
Your Browser:
WebRTC Detection:

Tools

Send Anonymous Sms (1 free per day)
CyberChef
OpenC2
EmbedInHTML
Reverse Shell Generator
Map Cyber Attack
Html to Markdown

Encode / Decode

Base64
Binary
UTF-8
JavaScript
URL
HTML
Reverse

Live Tv Streaming

Live French Tv

Categories

Development (3)

Agile Web Development with Rails 5.1
Beginning C++ 17
dns-prefetch

Exploit (17)

Microsoft Office RCE Vulnerability aka Follina - CVE-2022-30190
BotenaGo Malware Targets Millions of IoT Devices
DotCMS Remote Code Execution | CVE-2022-26352
SpringBoot RCE | CVE-2022-22963
Dirty Pipe - Linux Local Privilege Escalation
Auto-Elevate
Log4shell | CVE-2021-44228
PwnKit-Exploit
GTFOBins - Search for Unix binaries
OWASP ZSC Tool
UAC Bypass in Windows 10 Store Binary
Bypassing UAC using App Paths
Another sdclt UAC bypass
Bypassing UAC on Windows 10 using Disk Cleanup
Linux Privilege Escalation
Windows Privilege Escalation
baby pwn 2018 CTF

Exploitation-tools (32)

AutoPWN Suite - Scanning vulnerabilities and exploiting systems automatically
NotionTerm - Embed reverse shell in Notion pages
Tornado | anonymously reverse shell
CobaltBus | Cobalt Strike C2 traffic via Azure Servicebus
Shhhloader | Shellcode Loader
OffensiveNotion C2
Phant0m | Windows Event Log Killer
TAS
SUID3NUM
Donut
Postenum
Faction C2 Framework
Sliver
FudgeC2
C3 Custom Command and Control
Telegram Csharp C2
GhostTunnel
goDoH
Winpayloads
0xsp Mongoose
AutoRDPwn
o365-attack-toolkit
Linux Smart Enumeration
Tyton: Kernel-Rootkit
SILENTTRINITY
Koadic C3
Kage
BloodHound
PyFuscation
Covenant
OpenC2
DeathStar

Network (17)

PacketStreamer - Tcpdump for cloud native environments
Puwr - SSH attack surface on local network
MITM Intercept
Malcolm Network Traffic Analysis Tool
The Zeek Network Security Monitor
BruteShark - Network Analysis Tool
NetCap
Sparrow Wifi
XRay
SKA - Simple Karma Attack
LetsMapYourNetwork
Ehtools
PA-Toolkit | Pentester Academy Wireshark Toolkit
WiFi-Pumpkin
VoIPShark
Inflator
FeedingBottle

Pentesting (13)

k0otkit - Manipulate K8s in a K8s way
Cobalt Strike MANUALS_V2 Active Directory
Malicious PDF Generator ☠️
Xerror
Metasploit Pro
Defcon27 Csharp Workshop
Atomic Red Team
Modlishka: Reverse-Proxy
Trape
Hashview
Infection Monkey
Red Teaming/Adversary Simulation Toolkit
Active Directory Kill Chain Attack and Defense

Phone (9)

DroidDetective analysing Android applications
Obfuscapk
Andriller
SimJacker
email2phonenumber
StaCoAn
VoiceMailAutomator
iBoot IOS 9.3 Leaked
Android Security List

Reconnaissance-tools (10)

Sub3suite - Subdomain Enumeration Suite
Mip22 - Advanced Phishing Tool
Nivistealer
Misp Dashboard
lsassy
AttackSurfaceMapper
Kamerka GUI
AIL Framework
Pown Recon
RedELK

Reverse-engineering (13)

NETReactorSlayer - Deobfuscator for Eziriz .NET Reactor
MitmProxy2Swagger - Automagically reverse-engineer REST API
Xepor - web routing framework for reverse engineers and security researchers
Binary Ninja 3.0
bkcrack - crack legacy zip
x64dbg Plugin Manager
ngrev
Deobfuscated BurpSuite Pro 2.1
Redress - A tool for analyzing stripped binaries
PyREBox
Ghidra Software Reverse Engineering Framework
Cutter - Radare2 Gui
Cracking HawkEye Keylogger Reborn

Security (15)

The finest Windows Optimizer
Security Onion Linux distro for intrusion detection
S1EM
HaccTheHub
ThreatMapper
ApplicationInspector
Trivy
Windows and Office ISO Download
Stegify
The Ultimate Guide to Ethical Hacking
ACT | Semi-Automated Cyber Threat Intelligence
OnionShare
Malware Analysis Tools List
Dnscrypt Proxy Gui
Ricochet

Web-security (34)

SQLi Auth Bypass payloads
VAmPI - The Vulnerable API
CRLFsuite - Fast CRLF injection scanning tool
Web Attack Payloads Wordlist
Wfuzz - The Web fuzzer
OWASP Coraza Web Application Firewall v2
PyShell
LKWA
AppSpider
Server Side Template Injection
HackBar V2
ezXSS
Tplmap
PHPGGC
JSONBee
Femida-xss
Postshell
Traxss
CSS Exfil Protection
XSS Attack
Singularity of Origin
Pixload
Weaponised XSS Payloads
Block Alert XSS
XSpear
XSRFProbe
The TIDoS Framework
Vuls | VULnerability Scanner
Revshellgen
B-XSSRF
HTTP Request Smuggler
Osmedeus
Jok3r v3
CMS Scan

Support the site !

Help to keep the blog ads-free.

Cyber-Security.tk

0x1.gitlab.io

About

Welcome to Cyber-Security.tk my personal blog to share my knowledge
Cyber Security, Ethical Hacking, Web & Network Auditing, Reverse Engineering and Cryptography
This website don't use analytics tracking and is ads-free. JavaScript is enabled .

Contact

Contact Form : Connect with Us

Ricochet : ricochet:3ka6l4q255cakeirgxupsl5i4lw3qpk5gmngtv5amax64hckuovgozyd