Upload files to "Modules"

Modules/tips.py

@@ -3,6 +3,21 @@ import re
 
 
 TIPS = [
+    "💻 Make sure your Host Agents are not disabled by the APT/Red Team.",
+    "🛡️ Ensure EDR and antivirus solutions are actively monitoring all endpoints.",
+    "🔒 Monitor for unusual attempts to disable or uninstall security agents.",
+    "📊 Know what type of logs you are receiving.",
+    "🔍 Understand your log sources and validate their integrity.",
+    "📈 Ensure critical logs like authentication, network traffic, and process activity are being collected.",
+    "📧 Phishing is a common initial access attempt.",
+    "🛑 Train employees to recognize and report phishing emails promptly.",
+    "🕵️‍♀️ Investigate email attachments or links for suspicious behavior.",
+    "👽 Initial Access, Lateral Movement, and C2 are the easiest to catch.",
+    "🌐 Watch for strange connections to uncommon IPs or ports for C2 detection.",
+    "🔗 Track login patterns for signs of lateral movement across systems.",
+    "🛠️ Create Alerts tailored to your APT.",
+    "🚨 Develop rules based on TTPs of the threats your organization faces.",
+    "👾 Use known threat actor behavior as a baseline for detection.",
     "🔐 Look for multiple failed login attempts followed by a success.",
     "👥 Monitor for the creation of suspicious or unusual accounts.",
     "🖋️ Keep an eye out for renamed files or sudden changes to file extensions.",