Ubuntu 22 Server
sftp splunk file

APPs
cyberchef
pcap analyzer
splunk stream
Network Diagram Viz

DATA
BotsV1
BotsV2
BotsV3

2 cables
span

- Zeek https://medium.com/@cybertoolguardian/zeek-installation-in-ubuntu-60835ee3e42c
REMEMBER TO TURN PORTS ON, ENS192 STARTED DOWN, You'll get a "zeek started and immediately stopped" message if it's down
ip link set ensXXXX up
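
A pre-flight check for the interface problem noted above, as an added example (not part of the original notes): it reads the interface's sysfs `flags` and `carrier` files to tell an administratively down link from a missing cable before Zeek is started. The `SYSFS_NET` override and the `make_fake_iface` helper are assumptions of this sketch so it can also run against a constructed tree.

```shell
#!/bin/sh
# Added example: pre-flight check for a sniffing (SPAN) interface before starting Zeek.
# SYSFS_NET is an assumption of this sketch: it lets the check run against a
# constructed directory tree instead of the live /sys/class/net.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print one of: missing | admin-down | no-carrier | ready
iface_state() {
    dir="$SYSFS_NET/$1"
    [ -d "$dir" ] || { echo missing; return 0; }
    flags=$(cat "$dir/flags" 2>/dev/null || echo 0x0)
    # Bit 0x1 of flags is IFF_UP: cleared means "ip link set <if> up" was never run
    if [ $(( $flags & 1 )) -eq 0 ]; then echo admin-down; return 0; fi
    # carrier is 1 only when the cable / SPAN source is actually connected
    carrier=$(cat "$dir/carrier" 2>/dev/null || echo 0)
    if [ "$carrier" = "1" ]; then echo ready; else echo no-carrier; fi
}

# Return 0 only when the interface is fit to sniff on; otherwise say what to fix.
preflight() {
    state=$(iface_state "$1")
    case "$state" in
        ready)      echo "$1: ready, safe to start zeek"; return 0 ;;
        admin-down) echo "$1: link is down, run: ip link set $1 up" ;;
        no-carrier) echo "$1: link is up but no carrier, check the cable / SPAN port" ;;
        missing)    echo "$1: no such interface under $SYSFS_NET" ;;
    esac
    return 1
}

# Constructed sample: fake sysfs entry (name, flags, carrier) for offline runs.
make_fake_iface() {
    mkdir -p "$SYSFS_NET/$1"
    echo "$2" > "$SYSFS_NET/$1/flags"
    echo "$3" > "$SYSFS_NET/$1/carrier"
}

# Usage: sh preflight.sh ens192
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```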

- Suricata https://docs.suricata.io/en/latest/quickstart.html

REPORTS
- Add all sigma rules https://github.com/SigmaHQ/sigma/tree/master/rules/windows/
- add all mitre rules


Remote Windows host
https://www.activecountermeasures.com/building-and-running-zeek-on-windows-server-2022/