FreshDemo is here to provide step-by-step (ooh baby) guides that demonstrate stages of the cybersecurity attack chain and how defences can work. Some guides include individual stages of the attack chain and others involve various stages.
Many of the examples include real malicious indicators and could get your computer and computers connected to that computer compromised. To reduce this risk it is recommended to at least use VM's with sharing disabled, and have a good snapshot of the core image. You should also leverage the name server in freshdemo/mailanddns to contain A records for any of the malicious domains so that you effectively sinkhole them instead of accidentally accessing them.
One of the other things we intend to provide is immutible infrastructure so that you can quickly execute the tests in a closed environment, without spending so much time doing system engineering.
Each post should be tagged with one of the following, which are alingned with Mitre Att&ck. The categories link in the top right corner will bring you to them quickly.
- infrastructure - any systems that will facilitate transmitting the attacks.
- initialaccess
- execution
- persistence
- privilegeescalation
- defenseevasion
- credentialaccess
- discovery
- lateralmovement
- collection
- commandandcontrol
- exfiltration
- impact