NONAN23x/SoC-Home-Lab — reverse-engineered prompt

Build me a beginner friendly home Security Operations Center lab project that someone can run in VirtualBox and learn from at home. I want it centered around five machines, a pfSense router, an Ubuntu server running Wazuh as the main SIEM and XDR, a Fedora honeypot server with OpenCanary, a Windows 11 endpoint sending events, and a Kali box for attack simulation.

Please make it feel practical and easy to follow, with clear setup guides, sensible configs, and any small Python helpers or automation that make the lab smoother to use. The end result should show real security value, like detecting malware on the Windows machine, spotting basic web attacks, sending honeypot alerts into Wazuh, and letting me run simple red team style tests to verify detections.

Keep it open source, hands on, and aimed at someone learning blue team skills without enterprise hardware. A polished README with the architecture, prerequisites, IP plan, install steps, and what each machine is for would be great. Look up current docs online if you need to.