Skip to content

sachinjung/KaliSIEM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
AI Logo.png
AI Logo.png
 
 
AI.png
AI.png
 
 
Atomic Red Team logo.png
Atomic Red Team logo.png
 
 
Atomic-Red-Team.png
Atomic-Red-Team.png
 
 
Autonomous Vulnerability Assessment and Penetration Testing platform.docx
Autonomous Vulnerability Assessment and Penetration Testing platform.docx
 
 
Autonomous Vulnerability Assessment and Penetration Testing platform.pdf
Autonomous Vulnerability Assessment and Penetration Testing platform.pdf
 
 
Cockoo.png
Cockoo.png
 
 
Cortex.png
Cortex.png
 
 
Elastic Endpoint.png
Elastic Endpoint.png
 
 
Elastic_Siem_Blog.webp
Elastic_Siem_Blog.webp
 
 
Enhanced-Kali-Purple-ELK-Setup.sh
Enhanced-Kali-Purple-ELK-Setup.sh
 
 
Extended-SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
Extended-SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
 
 
Install Instruction.txt
Install Instruction.txt
 
 
Kali Purple ELK SIEM Installation Guide.txt
Kali Purple ELK SIEM Installation Guide.txt
 
 
Kali-Purple-ELK-Endpoint-Fleet-Setup.sh
Kali-Purple-ELK-Endpoint-Fleet-Setup.sh
 
 
Kali-Purple-ELK-Setup-working.sh
Kali-Purple-ELK-Setup-working.sh
 
 
Kali-Purple-ELK-Setup.sh
Kali-Purple-ELK-Setup.sh
 
 
LICENSE
LICENSE
 
 
ML.png
ML.png
 
 
Misp.webp
Misp.webp
 
 
Old-SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
Old-SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
 
 
README.md
README.md
 
 
SOC-In-A-Box Demo Docker Deployment guide.docx
SOC-In-A-Box Demo Docker Deployment guide.docx
 
 
SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
SOC-In-A-Box_Demo_Docker_Deployment_Script.sh
 
 
SOC-in-a-Box project plan.docx
SOC-in-a-Box project plan.docx
 
 
SOCB0X Architecture.pdf
SOCB0X Architecture.pdf
 
 
SOCB0X Architecture.png
SOCB0X Architecture.png
 
 
SOCB0X Architecture.svg
SOCB0X Architecture.svg
 
 
SOCB0X Architecture.vsdx
SOCB0X Architecture.vsdx
 
 
SOCBOX Proposal Outline.docx
SOCBOX Proposal Outline.docx
 
 
SOCBOX Solution Proposal.txt
SOCBOX Solution Proposal.txt
 
 
Security Operations Center SOC in a box.docx
Security Operations Center SOC in a box.docx
 
 
Setting up ELK Stack on Ubuntu.docx
Setting up ELK Stack on Ubuntu.docx
 
 
Setup Instruction.txt
Setup Instruction.txt
 
 
Step-by-Step guide to setting up Elastic Security Stack with Fleet Server and Cortex XSOAR or TheHive SOAR on the latest edition of Ubuntu Server.docx
Step-by-Step guide to setting up Elastic Security Stack with Fleet Server and Cortex XSOAR or TheHive SOAR on the latest edition of Ubuntu Server.docx
 
 
Step-by-Step guide to setting up Elastic Security Stack with Fleet Server-AI-ML for threat hunting-OpenSource Sandbox and TheHive SOAR.docx
Step-by-Step guide to setting up Elastic Security Stack with Fleet Server-AI-ML for threat hunting-OpenSource Sandbox and TheHive SOAR.docx
 
 
Top-User-Behavior-Analytics-Tools-1.png
Top-User-Behavior-Analytics-Tools-1.png
 
 
UEBA.png
UEBA.png
 
 
Work Required.txt
Work Required.txt
 
 
alienvault-otx-logo.png
alienvault-otx-logo.png
 
 
alienvault-otx.png
alienvault-otx.png
 
 
c67a802c-041f-4e46-aebc-f6f531038ae0.png
c67a802c-041f-4e46-aebc-f6f531038ae0.png
 
 
cuckoo.png
cuckoo.png
 
 
cuckoo_logo.jpg
cuckoo_logo.jpg
 
 
ea84a680-1b35-11ea-8bf5-f4a5870ea2e4.jpeg
ea84a680-1b35-11ea-8bf5-f4a5870ea2e4.jpeg
 
 
elastic 001.png
elastic 001.png
 
 
elastic-logo-V-full_color.jpg
elastic-logo-V-full_color.jpg
 
 
elastic-logstash-fw.png
elastic-logstash-fw.png
 
 
images.png
images.png
 
 
kibana.jpg
kibana.jpg
 
 
logo-syslog.png
logo-syslog.png
 
 
thehive-logo.png
thehive-logo.png
 
 

Repository files navigation

Introduction

The Kali Purple ELK OpenXDR Platform represents a comprehensive and robust solution for modern cybersecurity needs. By integrating SIEM capabilities (Elastic Stack with Fleet Server), Cyber Threat Intelligence tools (OpenCTI), and powerful monitoring solutions like GVM, Zeek, and Suricata, this platform is designed to provide end-to-end threat detection, response, and intelligence capabilities.

Kali Purple combines the versatility of the Kali Linux environment with advanced open-source tools to create a centralized, fully configured platform for Security Information and Event Management (SIEM), Cyber Threat Intelligence (CTI), and Extended Detection and Response (XDR). This all-in-one setup empowers cybersecurity professionals and researchers with tools to address vulnerabilities, analyze network behavior, and respond to threats effectively.

This guide will take you step-by-step through installing and configuring the Kali Purple ELK OpenXDR Platform, providing a solid foundation for securing networks and monitoring environments. The following components will be configured during the installation process:

Elastic Stack (SIEM with Fleet Server) for log collection, analysis, and visualization.
OpenCTI for integrating threat intelligence.
Zeek and Suricata for network traffic analysis and threat detection.
GVM (Greenbone Vulnerability Management) for vulnerability scanning and assessment.
CyberChef for data parsing and analysis.

Whether you are setting up the platform for a home lab, small business, or enterprise environment, this guide is structured to ensure minimal setup challenges and a streamlined configuration process. Let's get started with building your Kali Purple ELK OpenXDR Platform.

To install manually follow step by step from Kali Purple ELK SIEM Install Guide and if you want to do it in one go follow the Setup Instruction.

About

Kali Purple ELK XDR Stack

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages