p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #843 from guardicore/feature/docs-mitre-improvements 

docs: Add final tweaks to mitre techniques page.
This commit is contained in:
Itay Mizeretz 2020-09-30 14:04:58 +03:00 committed by GitHub
parent fad19258d5 54f7cf41e3
commit 53f3625172
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/content/reference/mitre_techniques.md
View File

@ -1,3 +1,23 @@
---
title: "MITRE ATT&CK"
date: 2020-09-24T08:18:37+03:00
draft: false
pre: '&nbsp<b><u>&</u></b> '
weight: 10
---
{{% notice info %}}
Check out [the documentation for the MITRE ATT&CK report as well](../../usage/reports/mitre).
{{% /notice %}}
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base and based on this,
provides a report detailing the techniques it used and recommended mitigations.
The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about,
categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic.
| TACTIC | TECHNIQUES |
|--- |--- |
| [Execution](https://attack.mitre.org/tactics/TA0002/) | [Command-line Interface](https://attack.mitre.org/techniques/T1059/) |
@ -7,7 +27,7 @@
| | [Scripting](https://attack.mitre.org/techniques/T1064/) |
| | [Service Execution](https://attack.mitre.org/techniques/T1035/) |
| | [Trap](https://attack.mitre.org/techniques/T1154/) |
| [Persistence](https://attack.mitre.org/tactics/TA0003/) | [`.bash_profile` & `.bashrc`](https://attack.mitre.org/techniques/T1156/) |
| [Persistence](https://attack.mitre.org/tactics/TA0003/) | [.bash_profile & .bashrc](https://attack.mitre.org/techniques/T1156/) |
| | [Create Account](https://attack.mitre.org/techniques/T1136/) |
| | [Hidden Files & Directories](https://attack.mitre.org/techniques/T1158/) |
| | [Local Job Scheduling](https://attack.mitre.org/techniques/T1168/) |
@ -36,4 +56,3 @@
| | [Uncommonly Used Port](https://attack.mitre.org/techniques/T1065/) |
| | [Multi-hop Proxy](https://attack.mitre.org/techniques/T1188/) |
| [Exfiltration](https://attack.mitre.org/tactics/TA0010/) | [Exfiltration Over Command And Control Channel](https://attack.mitre.org/techniques/T1041/)|
| | |

2
docs/content/usage/reports/mitre.md
View File

@ -5,7 +5,7 @@ draft: false
---
{{% notice info %}}
Check out [the documentation for the other reports as well](../).
Check out [the documentation for the other reports](../) and [the documentation for supported ATT&CK techniques as well](../../../reference/mitre_techniques).
{{% /notice %}}
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base: It provides a new report with the utilized techniques and recommended mitigations, to help you simulate an APT attack on your network and mitigate real attack paths intelligently.