Linux
Auditd configuration mapped to ATT&CK
https://github.com/bfuzzy/auditd-attack
LOLbins for *NIX systems
Florian Roth's auditd config
https://gist.github.com/Neo23x0/9fe88c0c5979e017a389b90fd19ddfee
Detecting ATT&CK techniques & tactics for Linux
https://github.com/Kirtar22/Litmus_Test/blob/master/README.md
Sysmon for Linux
https://github.com/microsoft/MSTIC-Sysmon/tree/main/linux/configs
https://www.lares.com/blog/sysmon-for-linux-test-drive/
Detecting persistence mechanisms in Linux