att&ck

2021-07-27  守护者

https://paper.seebug.org/category/vul-analysis/?page=3

Remove containers in the Exited state

docker rm `docker ps -a|grep Exited|awk '{print $1}'`

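1. Commands to enable, stop, and disable the firewall

(1) Enable the firewall at boot: systemctl enable firewalld.service

(2) Disable the firewall at boot: systemctl disable firewalld.service

(3) Start the firewall: systemctl start firewalld

(4) Stop the firewall: systemctl stop firewalld

(5) Check the firewall status: systemctl status firewalld

Docker Hub accelerated-access (registry mirror) setup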

https://www.jianshu.com/p/9031fdf61115?utm_campaign=maleskine&utm_content=note&utm_medium=seo_notes&utm_source=recommendation 

CALDERA

https://www.youtube.com/watch?v=YNIxwNLF7dc

ATT&CK framework

http://www.secwk.com/2019/10/09/9896/

Environment setup

https://blog.csdn.net/flurry_rain/article/details/116034272

Hands-on practice

https://blog.csdn.net/qq_42323763/article/details/115026477?utm_medium=distribute.pc_relevant.none-task-blog-2%7Edefault%7EBlogCommendFromMachineLearnPai2%7Edefault-4.control&depth_1-utm_source=distribute.pc_relevant.none-task-blog-2%7Edefault%7EBlogCommendFromMachineLearnPai2%7Edefault-4.control

atomic-red-team

https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/Indexes/Indexes-Markdown/linux-index.md

C2

https://www.varonis.com/blog/what-is-c2/

Related resources

ATT&CK: https://attack.mitre.org/

SIGMA: https://github.com/Neo23x0/sigma

Mitre Caldera: https://github.com/mitre/caldera

Endgame Red Team Automation: https://github.com/endgameinc/RTA

Redcanary Atomic Red Team: https://www.redcanary.com/atomic-red-team/

Uber Metta: https://github.com/uber-common/metta

Advanced-Threat-Hunting-with-Carbon-Black: http://the.report/assets/Advanced-Threat-Hunting-with-Carbon-Black.pdf

ATT&CK projects and resources

https://www.varonis.com/blog/mitre-attck-framework-complete-guide/

Vulnerability platforms

https://www.wangan.com/articles/4562

Threat intelligence analysis

Symantec Enterprise Blogs

APTSimulator

https://github.com/NextronSystems/APTSimulator

Analysis and tracing of advanced persistent threat techniques

https://cloud.tencent.com/developer/video/20356

ModuleNotFoundError: No module named 'plugins.manx.app'

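This is most likely because you did not use the --recursive option when you originally cloned caldera.

There are several ways to fix it:

Re-clone the repository with the --recursive option (see the example commands in our README for the release version)

Have git pull the missing submodules into your existing repository: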

cd /path/to/caldera

git submodule update --init

CALDERA usage

https://caldera.readthedocs.io/en/latest/Getting-started.html
