wazuh

There are 7 repositories under wazuh topic.

• wazuh / wazuh

  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

  cloud-securitycomplianceconfiguration-assessementcontainer-securitycybersecurityfile-integrity-monitoringincident-responseinfoseclog-analysismalware-detectionpci-dsssecuritysecurity-auditsecurity-automationsecurity-hardeningsecurity-toolssiemvulnerability-detectionwazuhxdr
  Language:C 13479

• wazuh / wazuh-docker

  Wazuh - Docker containers

  wazuhdockerossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringelasticsearchsecurity-hardeninglog-analysisidspci-dssfile-integrity-managementsecurity-awarenessvulnerability-detectionincident-responsehacktoberfesthacktoberfest-accepted
  Language:Shell 906

• wazuh / wazuh-dashboard-plugins

  Plugins for Wazuh Dashboard

  wazuhossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringopenscapsecurity-hardeningidspci-dssfile-integrity-managementsecurity-awarenesslog-analysisvulnerability-detectionincident-responsegdpropensearch-dashboardsopensearch-plugins
  Language:TypeScript 485

• wazuh / wazuh-ruleset

  Wazuh - Ruleset

  wazuhossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringelasticsearchopenscapsecurity-hardeningidspci-dssfile-integrity-managementsecurity-awarenesslog-analysisvulnerability-detectionincident-response
  Language:Python 479

• wazuh / wazuh-ansible

  Wazuh - Ansible playbook

  wazuhansibleossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringelasticsearchsecurity-hardeningidspci-dssfile-integrity-managementsecurity-awarenesslog-analysisvulnerability-detectionincident-responsehacktoberfesthacktoberfest-accepted
  Language:Jinja 358

• wazuh / wazuh-documentation

  Wazuh - Project documentation

  compliancedocumentationelasticsearchfile-integrity-managementfimincident-responseintrusion-detectionlog-analysisloganalyzermonitoringopenscapossecpci-dssreferencesecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:JavaScript 225

• CityBaseInc / SIAC

  SIAC is an enterprise SIEM built on open-source technology.

  siemsecurityelkosqueryintrusion-detectionsecdevopspci-dssfimcompliancewazuhincident-responseaws
  114

• wazuh / wazuh-packages

  Wazuh - Tools for packages creation

  complianceelasticsearchfile-integrity-managementidsincident-responseintrusion-detectionlog-analysisloganalyzermonitoringossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:Shell 113

• malwarekid / SOAR-Flow

  SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.

  cybersecurityshufflesiemsoarsocthehivewazuh
  93

• Hestat / ossec-sysmon

  A Ruleset to enhance detection capabilities of Ossec using Sysmon

  dfirossecsysmonwazuh
  Language:PowerShell 91
• WAZUH-OSSEC

  magenx / WAZUH-OSSEC

  WAZUH - The Open Source Security Platform Installation

  centos8clusterelasticsearchkibanalogstashmagentomonitoringossecossec-wazuhsecuritywazuh
  Language:Shell 84

• wazuh / wazuh-api

  Wazuh - RESTful API

  complianceelasticsearchfile-integrity-managementidsincident-responseintrusion-detectionlog-analysisloganalyzermonitoringopenscapossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:JavaScript 76

• sametsazak / sysmon

  Sysmon and wazuh integration with Sigma sysmon rules [updated]

  wazuhsysmonossecsecurity-toolssecuritysysmon-configwazuh-managersigma
  64

• pyToshka / docker-wazuh-agent

  Monitoring a Kubernetes cluster involves deploying and utilizing the Wazuh agent within the Kubernetes environment.

  akscisdaemonsetdevopseksgkekubernetesmonitoringscannersecurity-toolswazuhwazuh-agentwazuh-server
  Language:Python 59

• wazuh / wazuh-splunk

  Wazuh - Splunk App

  compliancefile-integrity-managementgdpridsintrusion-detectionlog-analysisloganalyzermonitoringopenscapossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningsplunkvulnerability-detectionwazuh
  Language:JavaScript 56

• wazuh / wazuh-puppet

  Wazuh - Puppet module

  complianceelasticsearchfile-integrity-managementhacktoberfesthacktoberfest-acceptedhacktoberfest2021incident-responseintrusion-detectionlog-analysisloganalyzermonitoringossecpci-dsspolicy-monitoringpuppetsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:Puppet 51

• wazuh / wazuh-cloudformation

  Wazuh - Amazon AWS Cloudformation

  elasticsearchfile-integrity-monitoringidsincident-responselog-analysismonitoringopenscapossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:Shell 41

• 0xjessie21 / CVE-2025-24016

  CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)

  wazuhremote-code-execution-in-wazuh-serverdeserializationdeserializeexploitrcerce-exploitremote-code-executioncve-2025-24016cve-2025-24016-poc
  Language:Python 40

• MuhammadWaseem29 / CVE-2025-24016

  CVE-2025-24016: RCE in Wazuh server! Remote Code Execution

  cve-2025-24016cve-2025-24016-poccybersecurityremote-code-executionsecurity-researchwazuh
  32

• alextibor / wazuh-fortigate-rules-decoders

  Decoders and Rules for Fortigate in Wazuh

  elasticsearchfirewallfortigatefortinetopensearchsecuritysecurity-toolssiemsyslogthreat-huntingthreat-intelligencewazuh
  29

• kajov / wazuh-kubernetes-helmchart

  Wazuh - Wazuh Kubernetes Helm chart. This repo is not maintained by Wazuh team. This is community project.

  automationcommunitycompliancecontainersdevsecopsdockerhelmhelm-chartk8skubernetesmonitoringorchestrationsecuritysecurity-toolsvulnerability-detectionwazuh
  Language:Mustache 27

• pyToshka / wazuh-prometheus-exporter

  Wazuh prometheus exporter

  prometheusprometheus-exporterwazuhwazuh-api
  Language:Python 23

• wazuh / wazuh-chef

  Wazuh - Chef cookbooks

  chefcomplianceelasticsearchfile-integrity-managementidsincident-responseintrusion-detectionlog-analysisloganalyzermonitoringopenscapossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:Ruby 22

• AnonymousWP / Wazuh-ChatGPT-integration

  A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integration

  chatgptsecurity-toolswazuh
  Language:Python 21

• misje / wazuh-opencti

  Wazuh extension looking up alert data against indicators in OpenCTI threat intel

  openctiwazuh
  Language:Python 19

• misje / opencti-wazuh-connector

  OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings

  openctiwazuh
  Language:Python 17

• nateuribe / Wazuh-IRIS-integration

  (Unofficial) Wazuh integration to send alerts to IRIS.

  dfir-irisinfosectoolssecurity-toolswazuhwazuh-integration
  Language:Python 16

• 4sConsult / box4security

  Open-source powered SIEM, Vulnerability Scanning, Host- & Network-IDS. Built upon Elastic Stack, OpenVAS, Suricata. Wrapped in a Python Flask web app.

  apidockerelasticfreeidsopen-sourceopenvaspythonsecuritysiemsuricatawazuh
  Language:HTML 15

• peppelinux / django-audit-wazuh

  Django middleware and signals for handling security events

  wazuhossec-wazuhossecdjangosiemloganalysissecurity
  Language:Python 12

• 0xrajneesh / Wazuh-Home-Lab

  If you a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC (Security Operations Center) analysts to gain hands-on experience in security monitoring, alerting, and response.

  wazuhwazuh-hidswazuh-rules
  11

• wazuh / wazuh-bosh

  Wazuh - Release for Bosh.io

  boshcomplianceelasticsearchfile-integrity-managementidsincident-responseintrusion-detectionlog-analysisloganalyzermonitoringopenscapossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
  Language:Shell 11

• unmuktoai / Wazuh-MCP-Server

  An open-source MCP server for integrating Wazuh security data with LLMs (such as the Claude Desktop App). This service authenticates with the Wazuh RESTful API, retrieves alerts from Elasticsearch indices, transforms events into an MCP-compliant JSON format, and exposes an HTTP endpoint for Claude Desktop to fetch real-time security context.

  aiclaudeclaude-aigenaimcpmcp-servermcpservermodel-context-protocolmodel-context-protocol-serverspythonwazuhwazuh-integration
  Language:Python 10

• admicrovn / wazuh-integratord

  wazuh-integratord - This version is written in Go. It was created to help to parse alerts log and alerting faster.

  wazuhintegratorwazuh-integratord
  Language:Go 9

• autonubil / go-wazuh

  go client for the wazuh rest api

  agentgolangossecwazuhapi-client-go
  Language:Go 9

• tread-lightly / KSC_decoders_and_rules_for_Wazuh

  Kaspersky Security Center: custom decoders and rules for Wazuh SIEM

  kasperskykeskscsiemwazuhwseeinfoseclog-analysissecuritysecurity-audit
  9

• uruc / SOC-Automation-Lab

  This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu 22.04 for Wazuh and TheHive, deployed on cloud or VMs. Goals: automate event collection, alerting, and incident response to enhance SOC efficiency.

  security-operations-centershufflerthehivevirustotalwazuh
  9