I have worked on a home lab, using blog posts, that simulates an Endpoint Detection and Response (EDR) system. It consists of a Windows 10 victim virtual machine (VM), a Linux attacker VM, and LimaCharlie with EDR-like ability. I installed a sensor on the victim machine that collects and analyzes log files and, after simulating attacks using Sliver C2, a command and control framework, created detection rules leveraging Sigma rules to identify and block abnormal activities. I fine-tuned the detection rules to minimize false positives, enhancing the system's threat detection and prevention capabilities.
saurav08750/Simulating-EDR-with-LimaCharlie-Victim-Attacker-VMs-and-Sliver-C2-Framework
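As an added illustration (not code from this repository), a minimal Python evaluator for a Sigma-style rule over constructed Windows process-creation events, showing how adding a filter selection to the condition tunes out a false positive; the rule, field names and events are assumptions:

```python
# Added illustration (not the repository's code): a minimal evaluator for a
# Sigma-style rule, showing how a "filter" selection tunes out a false positive.
# Rule, field names and events are constructed.
DETECTION = {  # Sigma layout: named selections plus a condition string
    "selection": {"Image|startswith": "C:\\Users\\"},              # user-writable path
    "filter_updater": {"Image|endswith": "\\Vendor\\Updater.exe",  # known-good app
                       "ParentImage|endswith": "\\Vendor\\Vendor.exe"},
}
LOGSOURCE = {"product": "windows", "category": "process_creation"}
UNTUNED_RULE = {"title": "Process started from user profile path", "logsource": LOGSOURCE,
                "detection": {**DETECTION, "condition": "selection"}}
TUNED_RULE = {**UNTUNED_RULE,
              "detection": {**DETECTION, "condition": "selection and not filter_updater"}}
# Constructed process-creation events as the victim's sensor might report them.
EVENTS = [
    {"id": 1, "Image": "C:\\Users\\alice\\AppData\\Local\\Temp\\svc.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe"},
    {"id": 2, "Image": "C:\\Users\\alice\\AppData\\Local\\Vendor\\Updater.exe",
     "ParentImage": "C:\\Users\\alice\\AppData\\Local\\Vendor\\Vendor.exe"},
    {"id": 3, "Image": "C:\\Windows\\System32\\notepad.exe",
     "ParentImage": "C:\\Windows\\explorer.exe"},
]

def _field_matches(event: dict, key: str, expected: str) -> bool:
    """Apply one 'Field|modifier' pair; Sigma string matching is case-insensitive."""
    field, _, modifier = key.partition("|")
    value, expected = str(event.get(field, "")).lower(), expected.lower()
    if modifier == "startswith":
        return value.startswith(expected)
    if modifier == "endswith":
        return value.endswith(expected)
    if modifier == "contains":
        return expected in value
    return value == expected  # no modifier means exact match

def _search_matches(event: dict, search: dict) -> bool:
    """Every field in a map-style search identifier must match (logical AND)."""
    return all(_field_matches(event, k, v) for k, v in search.items())

def rule_matches(rule: dict, event: dict) -> bool:
    """Evaluate a condition of the form 'A and not B [and ...]' against one event."""
    detection = rule["detection"]
    for term in detection["condition"].split(" and "):
        negated = term.startswith("not ")
        if _search_matches(event, detection[term[4:] if negated else term]) == negated:
            return False  # a required selection missed, or a filter hit
    return True

def run_rule(rule: dict, events: list) -> list:
    """Return the ids of the events the rule fires on."""
    return [e["id"] for e in events if rule_matches(rule, e)]
```

The untuned rule fires on events 1 and 2; after the filter is added to the condition, only event 1 (the unknown binary in Temp) remains.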