hankthebldr/xsiam-prisma-cdr-lab

XSIAM Prisma Cloud Detection and Response

Repo organization

  • Cloud Service Deployment
  • Cryptominer containers
    • static/set
    • ran/image
    • replica set
    • known/unknown to WildFire
  • DVWA - DVWA packaged into a Kubernetes deployment; includes Service objects and the ability to assign a public IP
  • SQL injection
  • reverse webshell

Kubernetes Goat - Easy CDR

Reference Repositories

Kubernetes Goat - Multi-Scenario Deployment File

https://github.com/madhuakula/kubernetes-goat

Tests

WildFire Tests - Powered by Precision AI

https://docs.paloaltonetworks.com/advanced-wildfire/administration/configure-advanced-wildfire-analysis/verify-wildfire-submissions/test-a-sample-malware-file

LinEnum and execute

https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh

Samples to drop and execute

C2 Agent

https://github.com/timb-machine/linux-malware/blob/main/malware/binaries/Unix.Backdoor.DeimosC2/05e9fe8e9e693cb073ba82096c291145c953ca3a3f8b3974f9c66d15c1a3a11d.elf.x86_64

Conti Ransomware

https://github.com/timb-machine/linux-malware/blob/main/malware/binaries/Conti/bb64b27bff106d30a7b74b3589cc081c345a2b485a831d7e8c8837af3f238e1e.elf.x86_64

BPFDoor

https://github.com/timb-machine/linux-malware/blob/main/malware/binaries/BPFDoor/07ecb1f2d9ffbd20a46cd36cd06b022db3cc8e45b1ecab62cd11f9ca7a26ab6d.elf.x86_64

About

Cloud Detection and Response
