Kileen on Nostr: nprofile1q…ufle4 one of the vendors has signature findings for everything in ...
nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq7yf7cxzxz4kwf24zmflvyqqtrylsjwm5q9a074u5ger57rmzz0aq0ufle4 One of the vendors has signature findings for everything in AtomicRedTeam. I'm using Ludus (https://docs.ludus.cloud/docs/intro/) to spin up a safe environment (mainly for AD; thanks to BadBlood for lots of AD objects!). I'm including a macOS and a Linux RHEL host as well for testing, and I'm having logging sent via Elastic Agents to an ELK instance with an added Sysmon config. My plan is to use Caldera on a Linux host as a C2, so the tests can be repeated. I haven't found the time to spin up or test Sliver, but this will be for more than one EDR vendor. Happy to discuss or get ideas, but the testing will need to happen soon.