Upload files to "Assets"

Assets/ascii_text_prompts.py

@@ -2,18 +2,18 @@ import os
 from colorama import Fore, Style
 
 full_ascii_art = f"""
-{Fore.RED}{Style.BRIGHT}
+{Fore.BLUE}{Style.BRIGHT}
-┏┓┏┏     •      ┏┓  ┓       ┏┓         •       ┳┓   ┓ ┓  
+┓┏       ┏┓   •┏• •  ┓  •     ┓┓•         
-┃┃╋╋┏┓┏┓┏┓┓┏┏┓  ┃ ┓┏┣┓┏┓┏┓  ┃┃┏┓┏┓┏┓┏┓╋┓┏┓┏┓┏  ┣┫┓┏┏┫┏┫┓┏
+┣┫┓┏┏┓╋  ┣┫┏┓╋┓╋┓┏┓┏┓┃  ┓┏┓╋┏┓┃┃┓┏┓┏┓┏┓┏┏┓
-┗┛┛┛┗ ┛┗┛┗┗┛┗   ┗┛┗┫┗┛┗ ┛   ┗┛┣┛┗ ┛ ┗┻┗┗┗┛┛┗┛  ┻┛┗┻┗┻┗┻┗┫
+┛┗┗┻┛┗┗  ┛┗┛ ┗┗┛┗┗┗┗┻┗  ┗┛┗┗┗ ┗┗┗┗┫┗ ┛┗┗┗ 
-                   ┛          ┛                         ┛
+                                  ┛       
 {Style.RESET_ALL}"""
-
+                                  
 ascii_art = f"""
-{Fore.RED}{Style.BRIGHT}
+{Fore.BLUE}{Style.BRIGHT}
-┏┓┏┓┏┓  ┳┓┳┳┳┓┳┓┓┏
+┓┏       ┏┓┳
-┃┃┃ ┃┃  ┣┫┃┃┃┃┃┃┗┫
+┣┫┓┏┏┓╋  ┣┫┃
-┗┛┗┛┗┛  ┻┛┗┛┻┛┻┛┗┛
+┛┗┗┻┛┗┗  ┛┗┻
 {Style.RESET_ALL}"""
 
 infinitei = f"""

Assets/random_tip.py

@@ -0,0 +1,103 @@
+import random
+from colorama import Fore, Style
+
+TIPS = [
+    "🔐 Look for multiple failed login attempts followed by a success.",
+    "👥 Monitor for the creation of suspicious or unusual accounts.",
+    "🖋️ Keep an eye out for renamed files or sudden changes to file extensions.",
+    "🛡️ Always investigate signs of persistence mechanisms like scheduled tasks or services.",
+    "🔍 Check logs for lateral movement patterns within the network.",
+    "📂 Look for data exfiltration attempts during off-hours.",
+    "🕵️‍♂️ Watch for processes running in uncommon directories.",
+    "🗂️ Review changes to sensitive directories like /etc or C:\\Windows\\System32.",
+    "⚠️ Be alert to PowerShell scripts with obfuscation or base64 encoding.",
+    "📥 Investigate unusual inbound or outbound traffic patterns.",
+    "💻 Track the execution of unknown binaries or scripts.",
+    "📊 Analyze event logs for sequences that indicate privilege escalation.",
+    "🌐 Monitor for connections to known malicious IPs or domains.",
+    "📈 Look for unusual spikes in network activity or CPU usage.",
+    "🔑 Check for default or weak passwords in critical accounts.",
+    "🔗 Watch for newly created symbolic links or junction points.",
+    "🕒 Investigate task scheduler events outside of normal working hours.",
+    "📦 Look for recently installed software that wasn’t approved.",
+    "🔓 Monitor for attempts to disable antivirus or EDR tools.",
+    "📜 Analyze browser history or bookmarks for connections to malicious sites.",
+    "📂 Look for files with double extensions like `.exe.pdf`.",
+    "🛠️ Check system startup items for unauthorized entries.",
+    "📤 Investigate signs of data compression and outbound transfer.",
+    "👀 Watch for registry modifications in persistence-related keys.",
+    "🔍 Scan for unsigned drivers or DLLs in system directories.",
+    "📡 Monitor DNS queries to unusual or high-risk domains.",
+    "💽 Look for rogue virtual machines or snapshots.",
+    "🖥️ Inspect remote desktop protocol (RDP) logs for unauthorized connections.",
+    "🛡️ Review firewall logs for changes in access rules or port scans.",
+    "📧 Analyze email headers for signs of phishing or spoofing.",
+    "📌 Monitor USB activity for unauthorized devices.",
+    "⚡ Look for processes with high privilege levels started by unprivileged users.",
+    "🔗 Watch for changes to trusted system binaries.",
+    "🛠️ Investigate event IDs related to new service installations.",
+    "📂 Check shadow copies for deleted or modified files.",
+    "🔍 Monitor account logins from unusual geographic locations.",
+    "📂 Investigate tampering with backup files or schedules.",
+    "🖥️ Look for signs of remote code execution (RCE) attempts.",
+    "🌐 Review web server logs for suspicious parameter tampering.",
+    "🚦 Monitor network flows for unusual traffic patterns or unexpected ports.",
+    "📡 Be suspicious of repeated DNS queries to non-existent domains.",
+    "🔒 Check for unauthorized changes to file or folder permissions.",
+    "📤 Look for encrypted or compressed outbound traffic to unknown hosts.",
+    "⚙️ Monitor changes in system startup configurations.",
+    "🔍 Search for PowerShell scripts that include encoded commands.",
+    "📁 Investigate files with zero-byte size in critical directories.",
+    "🕒 Check for processes running at scheduled intervals outside business hours.",
+    "📈 Review performance metrics for sudden resource spikes.",
+    "🚀 Look for signs of process injection into legitimate applications.",
+    "💻 Monitor for unauthorized changes to group memberships.",
+    "🔗 Watch for symbolic links pointing to unexpected locations.",
+    "🔍 Examine email attachments for hidden macros or scripts.",
+    "⚠️ Scan for privilege escalation techniques in event logs.",
+    "📦 Look for unexpected or unsigned updates to software packages.",
+    "💾 Review logs for signs of removable media usage.",
+    "🖥️ Investigate unusual usage of command-line utilities like `netstat` or `ipconfig`.",
+    "📤 Track unusual outbound connections to high-risk countries.",
+    "🔍 Look for registry keys with suspicious auto-start entries.",
+    "🔧 Investigate changes to WMI subscriptions or filters.",
+    "📊 Analyze account lockout patterns for brute-force attempts.",
+    "🛡️ Monitor processes using suspicious parent-child relationships.",
+    "📥 Investigate large file downloads from unusual IPs.",
+    "⚡ Check for unauthorized applications installed via package managers.",
+    "🔗 Look for SMB connections between unexpected hosts.",
+    "🔍 Search for processes masquerading as system utilities.",
+    "🖥️ Review logs for attempts to clear or disable event logging.",
+    "📂 Look for hidden files in critical directories.",
+    "🚦 Monitor outbound traffic for data transfers at odd hours.",
+    "🔓 Check for unauthorized access to sensitive configuration files.",
+    "🔧 Scan for unrecognized services or drivers in startup logs.",
+    "🌐 Review web application logs for unauthorized access attempts.",
+    "📜 Look for tampered audit logs or log file deletions.",
+    "💡 Investigate systems with unusual uptime patterns.",
+    "🕵️‍♂️ Monitor unusual changes to group policies.",
+    "📂 Investigate abnormal growth in specific file directories.",
+    "🛠️ Look for unusual process execution chains in forensic tools.",
+    "📋 Check for clipboard monitoring or keylogging behavior.",
+    "🚨 Monitor IDS/IPS alerts for common lateral movement patterns.",
+    "🌍 Correlate login activity with geolocation inconsistencies.",
+    "🔑 Investigate processes accessing security-critical files.",
+    "📤 Look for repeated failed data upload attempts to unknown servers.",
+    "🔍 Check for malicious scheduled tasks created recently.",
+    "🛡️ Watch for unusual changes to user password policies.",
+    "📈 Investigate sudden changes in user account activity levels.",
+    "🖥️ Review temporary files for evidence of script execution.",
+    "📦 Monitor endpoints for unauthorized package or library downloads.",
+    "📂 Look for anomalies in recently accessed files.",
+    "⚙️ Investigate mismatches in user-agent strings in web traffic.",
+    "🔍 Look for attackers leaving test artifacts like `1.txt` or `test.ps1`.",
+    "📜 Track file hashes for unauthorized changes to key binaries.",
+    "🚦 Review network traffic for abnormal TTL values."
+]
+
+COLORS = [Fore.RED, Fore.GREEN, Fore.BLUE, Fore.MAGENTA, Fore.CYAN, Fore.YELLOW, Fore.WHITE]
+
+def get_random_tip_with_color():
+    tip = random.choice(TIPS)
+    color = random.choice(COLORS)
+    return f"{color}{tip}{Style.RESET_ALL}"