Upload files to "Modules/Knowledge/SANS"

Modules/Knowledge/SANS/gmon.py

@@ -0,0 +1,34 @@
+def get_content():
+    """
+    Returns structured content for GMON security insights.
+    """
+    return [
+        {
+            "title": "511.1.1 - Botnet Evolution",
+            "content": """
+- Botnets mark the transition from traditional to modern attack techniques.
+- Emphasis on denying adversaries' goals by understanding key organizational priorities.
+            """
+        },
+        {
+            "title": "511.1.4 - New Security Paradigm",
+            "content": """
+- Detect adversaries and respond rapidly.
+- Define desired outcomes to act effectively.
+            """
+        },
+        {
+            "title": "511.1.5 - Decline of Server Exploits",
+            "content": """
+- Modern attacks favor client-side over server-side exploits.
+- Early malware primarily focused on spreading, with newer approaches targeting credentials and persistence.
+            """
+        },
+        {
+            "title": "511.2.1 - People and Processes",
+            "content": """
+- Emphasizing processes over tools: Prevent -> Detect -> Respond.
+- Telemetry and behavioral analysis as foundational elements of modern security.
+            """
+        }
+    ]