Learning Wazuh

The Wazuh open source security platform is a versatile software that provides awareness of the security of an environment through a complex set of components and integrations.

Given the great adaptability of Wazuh, the possibilities offered are extensive. In this area of the documentation, we provide a progressive set of hands-on experiences to accelerate your progress in becoming proficient in Wazuh.

Some of the labs will require skills that may have been acquired in previous labs, so we strongly encourage doing them in order.

Getting Started

Prepare your Wazuh Lab Environment

Labs

Detect an SSH brute-force attack
Detect an RDP brute force attack
Expose hiding processes
Detect filesystem changes
Change the rules
Survive a log flood
Detect and react to a Shellshock attack
Keep watch for malicious command execution
Catch suspicious network traffic
Track down vulnerable applications