Posts

Why rsyslog to Wazuh? Wazuh normally collects logs through its own agent, but there are situations where syslog forwarding makes more sense: The host can’t run the Wazuh agent (embedded systems, appliances, immutable OSes) You want visibility fast without deploying an agent You’re forwarding from network devices that only speak syslog You need a lightweight option for lab or training environments To prevent log tampering rsyslog gives you a quick path to centralized log collection with minimal footprint on the client. ...

Overview Silent Footprint is a free CTF lab from INE with four challenges that chain together into a full penetration test: enumerate services, gain initial access, pivot through a segmented network, and escalate to root using a recent sudo vulnerability. The lab has three target machines — ctf.playground.ine, ctf2.playground.ine, and a hidden third host that doesn’t resolve by name. The attack path crosses two network segments and ends with a privilege escalation via CVE-2025-32463. ...