This is my first Purple Team project.

This project was created with the aim of learning:
- How to set up a firewall (pfSense)
- How to make two different networks communicate with each other
- How to set up a SIEM system (Splunk)
- How to install an agent and monitor security-relevant logs (Splunk Universal Forwarder)
- How to forward various logs to the SIEM system (Firewall -> 514/udp, via Splunk server port 9997)
- How to attack a vulnerable machine (symfonos 1 [VulnHub]) using Kali Linux
- How to observe how the attack was logged, using the Splunk SIEM system