MITRE ATT&CK & SHIELD training

Install

lesson_1: packet_reader.py -> read a packet file, disect packets within, build our own packets ✅
lesson_2: port_scan.py -> scan a list of ports, check for open ports + print results ✅
lesson_3: dns_exploration.py -> scan & discover domains & ips using dns request + reverse dns requests ✅
lesson_4: check_default_credentials.py -> brute force logins using a predefined list of username + password combos against ssh & telnet servers running on localhost ✅
lesson_5: use pyinstaller to package malicious python scripts as executables, targeting the Autorun feature of older Windows versions ✅
lesson_6: create a fake login page to phish for user credentials ✅
lesson_7: TBC
lesson_8: TBC
lesson_9: hijack execution flows by cloning & manipulation path/alias variables ✅
lesson_10: add generated .exes to Windows Registry, allowing malicious software to run on Logon ✅
lesson_11: hijacks the python library search order to instead invoke a fake library ✅
lesson_12: targets & deletes identified programs to lower defenses ✅

Orbstack: whip up lightweight virtual Linux machines to test out scripts or run ssh connections
UTM: run Windows/Linux VMs on-demand on Mac

Name		Name	Last commit message	Last commit date
Latest commit History 31 Commits
lesson_10_logon_scripts		lesson_10_logon_scripts
lesson_11_library_injection		lesson_11_library_injection
lesson_12_defense_evasion		lesson_12_defense_evasion
lesson_12_defense_evasion_2		lesson_12_defense_evasion_2
lesson_1_reading_packets		lesson_1_reading_packets
lesson_2_port_scanning		lesson_2_port_scanning
lesson_3_dns_mapping		lesson_3_dns_mapping
lesson_4_account_discovery		lesson_4_account_discovery
lesson_5_auto_run		lesson_5_auto_run
lesson_6_malicious_links		lesson_6_malicious_links
lesson_7_scheduled_execution		lesson_7_scheduled_execution
lesson_9_hijack_execution_flow		lesson_9_hijack_execution_flow
.gitignore		.gitignore
README.md		README.md
requirements.txt		requirements.txt