A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.
Download Linux dependencies:
- Recommend Ubuntu-based; Raspbian is good
- sudo apt-get install build-essential python-dev libmysqlclient-dev python-virtualenv python-pip
If some don't resolve, install what Linux tells you to.

Clone repository:
- git clone https://github.com/blaverick62/SIREN.git
Change remote to your repository if using it for dev.

Set up VENV and install pip requirements:
- cd SIREN
- . ./VENV/bin/activate
- pip install -r requirements.txt

If some pip dependencies don't install, install what Python tells you:
- sudo apt-get install libkrb5-dev
- pip install python-gssapi
- pip install paramiko

To run SIREN:
- sudo ./sirenstart.sh

Set up Snort on Pi:
- sudo apt-get install flex bison build-essential checkinstall libpcap-dev libnet1-dev libpcre3-dev libmysqlclient15-dev libnetfilter-queue-dev iptables-dev libdumbnet-dev autoconf libtool libdaq-dev snort

Setup:
- set up home net and interface
- add file siren.rules to /etc/snort/rules
- add line alert tcp $HOME_NET any -> any any (msg:"Target file accessed!"; content:"malarkey"; sid:1000037;)
- add line include $RULE_PATH/siren.rules to snort.conf near line 550 with other includes

MySQL setup On SIREN_DB
Collection of cybersecurity conference videos recorded by Cooper (@Ministraitor)
A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.
A vulnerable web application for learning about web application vulnerabilities and writing secure code.
Validate baseline cybersecurity skills with CompTIA Security+ certification.