USG - Ubuntu Security Guide (usg) - DISA-STIG compliance -
link Detail # USG - Ubuntu Security Guide (usg)
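# Install the OpenSCAP library and scanner, then check that the binary runs.
sudo apt-get install libopenscap8
oscap -v
oscap -V   # prints the installed OpenSCAP version

# The usg package is enabled through the Ubuntu Pro client (ua), so the
# machine is attached to a subscription first.
sudo apt install ubuntu-advantage-tools

# The attach token is a credential. Keep it out of wiki pages and scripts:
# export UBUNTU_PRO_TOKEN in the current shell instead of pasting it here.
# An argument on the command line is visible to other local users in the
# process list while the command runs; check `ua attach --help` for a
# file-based alternative on your client version.
sudo ua attach "${UBUNTU_PRO_TOKEN:?export UBUNTU_PRO_TOKEN with your Ubuntu Pro token first}"
sudo ua enable usg
sudo apt install usg -y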
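# Baseline audit against the CIS Level 1 server profile. usg writes its
# reports under /var/lib/usg/; the console output is also kept in
# ./result_usg_YYMMDD.txt for a quick look.
sudo usg audit cis_level1_server > "result_usg_$(date +"%y%m%d").txt"

# Generate a tailoring file so the profile can be customised.
TAILOR_FILENAME="tailor_cis_level1_server$(date +"%y%m%d").xml"
sudo usg generate-tailoring cis_level1_server "$TAILOR_FILENAME"

# Turn every rule off ...
sed -i 's/selected="true"/selected="false"/g' "$TAILOR_FILENAME"

# ... then turn back on only the sshd rules we want.
# Each name is matched as a substring of the rule id, so "sshd_set_keepaliv"
# selects every rule whose id starts that way. A name that matches nothing is
# reported instead of being skipped silently: a rule that is missing from the
# tailoring file would otherwise drop out of the audit without any sign.
for rule in \
  sshd_set_keepaliv \
  sshd_set_idle_timeout \
  sshd_disable_rhosts \
  sshd_disable_root_login \
  sshd_set_login_grace_time \
  sshd_set_max_auth_tries \
  sshd_set_maxstartups \
  sshd_use_strong_ciphers \
  sshd_use_strong_kex \
  sshd_use_strong_macs \
  file_permissions_sshd_config
do
  pattern="xccdf_org.ssgproject.content_rule_${rule}"
  if ! grep -q -- "$pattern" "$TAILOR_FILENAME"; then
    printf 'warning: no rule matching %s in %s\n' "$pattern" "$TAILOR_FILENAME" >&2
    continue
  fi
  sed -i "/${pattern}/s/selected=\"false\"/selected=\"true\"/g" "$TAILOR_FILENAME"
done

# Sanity check: number of lines that still carry selected="true".
grep -c 'selected="true"' "$TAILOR_FILENAME"

# Audit with the tailored profile (sudo, like the baseline audit above).
sudo usg audit --tailoring-file "$TAILOR_FILENAME"

# Write the remediation script for the tailored profile. Read ./fix.sh before
# running it: the selected rules change sshd settings (root login, ciphers,
# timeouts), so keep a console or second session open while applying them.
sudo usg generate-fix --output ./fix.sh --tailoring-file "$TAILOR_FILENAME"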
-
# https://medium.com/defense-unicorns/stig-scanning-with-openscap-675c7292d7cb
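# Install OpenSCAP
sudo apt install libopenscap8
# Confirm installation and location of OpenSCAP
command -v oscap
# Confirm OpenSCAP version
oscap -V
# Install SCAP security guide targeting Debian-based OS
sudo apt install ssg-debderived

# Evaluate the CIS Level 1 server profile.
#   --results-arf arf.xml   machine-readable results
#   --report ./rep          HTML report
# oscap exits with status 2 when at least one rule fails, so a non-zero
# status here does not by itself mean the scan broke.
# NOTE(review): the data stream path below looks like the one shipped with the
# usg benchmarks rather than with ssg-debderived; confirm it exists on the host.
sudo oscap xccdf eval \
  --profile xccdf_org.ssgproject.content_profile_cis_level1_server \
  --results-arf arf.xml \
  --report ./rep \
  /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2204-ds.xml \
  > "oscap_result_$(date +"%y%m%d").txt"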
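# Download a pinned release of the SCAP Security Guide (v0.1.69 here; see the
# project's releases page for newer content). Downloading and unpacking do not
# need root, so sudo is kept for the scan only.
wget https://github.com/ComplianceAsCode/content/releases/download/v0.1.69/scap-security-guide-0.1.69.zip
# Print the archive's checksum and compare it with the value published for
# this release before unpacking.
sha512sum scap-security-guide-0.1.69.zip
# Unzip Scap Security Guide
unzip scap-security-guide-0.1.69.zip
cd scap-security-guide-0.1.69/
ls
# Display a list of available Profiles
# (use the data stream that matches the release of the host being scanned)
oscap info ssg-ubuntu2004-ds-1.2.xml
# Evaluate a STIG Profile and write XCCDF results into a report.html file
sudo oscap xccdf eval \
  --profile xccdf_org.ssgproject.content_profile_stig \
  --report report.html \
  ssg-ubuntu2004-ds-1.2.xml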