Project README

auditd-attack

A Linux Auditd rule set mapped to MITRE's Attack Framework

Disclaimer

Please ensure you test these rules prior to pushing them into production. This rule set is NOT meant to have all of its rules enabled all at once (although that'd be ideal) it is setup to serve as guidance toward increasing detection/hunting coverage.

WIKI

Special Thanks To:

TODO

Increase MITRE ATT&CK coverage
Test rules across multiple flavors of Linux
Determine performance impacts of the ruleset

Open Source Agenda is not affiliated with "Auditd Attack" Project. README Source: bfuzzy/auditd-attack

Stars

769

Open Issues

Last Commit

3 years ago

Repository

bfuzzy/auditd-attack

License

MIT

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/auditd-attack"><img src="https://www.opensourceagenda.com/projects/auditd-attack/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

Auditd Attack Save

auditd-attack

Disclaimer

WIKI

Special Thanks To:

TODO

Open Source Agenda Badge

From the blog

How to Choose Which Programming Language to Learn First?

From the blog

How to Choose Which Programming Language to Learn First?