Add logged operations to the "List of all available attack techniques" page #582
Labels
kind/documentation
Improvements or additions to documentation
Comments
lsass-exe
changed the title
|
Thansk for the suggestion! In the meantime, https://traildiscover.cloud/ might be helpful for you! It has a link back to Stratus Red Team. cc @adanalvarez FYI |
christophetd
added
the
kind/documentation
|
Hadn't seen this before, thanks!! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This may be out of scope of this project but as a blue teamer it would be very useful for me to have a cheatsheet where I can look up log event operations and see what techniques they map to.
I think having an additional column on this page:
https://stratus-red-team.cloud/attack-techniques/list/
That for each row, lists the related operation that is logged for the technique.
E.g. for the row "Retrieve EC2 password data" have another column that lists "ec2:GetPasswordData"
I know this is also contained in the technique pages themselves but it is hard to ctrl-f on those.
Happy to pick this up if it is of interest.
The text was updated successfully, but these errors were encountered: