spaceghostcyber.bsky.social
@spaceghostcyber.bsky.social
Threat actors see ESXi envs as soft targets with high ROI for them, see #ScatteredSpider. Tests & validation like this should be done to determine - do you have the right logs, can you detect the techniques, and can you prevent execution where applicable. TYVM @n-burns.bsky.social!
Looking to start deploying detections in ESXi environments? I'm releasing ESXi Testing Toolkit: github.com/AlbinoGazell...

It's a Python-based CLI tool that contains adversary tests from places like LOLESXi and Atomic Red Team. It features 21 different tests, 18 pre-made Sigma rules, and much more!
GitHub - AlbinoGazelle/esxi-testing-toolkit: 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
January 14, 2025 at 4:40 AM
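The "do you have the right logs, can you detect the techniques" point above comes down to running detection logic over the log source an ESXi host actually produces. The block below is an added example, not code from the ESXi Testing Toolkit or from either poster: a minimal Sigma-style matcher (case-insensitive `contains|all` semantics) run over a handful of constructed lines in the shape of `/var/log/shell.log`. The line format, the PIDs, the VM and world IDs, and the four rules are assumptions made for the example; the commands themselves (clearing the remote syslog host, powering off or force-killing a VM, disabling `execInstalledOnly`) are well-known living-off-the-land ESXi actions of the kind LOLESXi catalogues.

```python
"""Added example: Sigma-style 'contains|all' matching over ESXi shell.log lines."""
import re
from dataclasses import dataclass

# Constructed sample input (assumption: shell.log lines look like
# "<ISO8601> shell[<pid>]: [<user>]: <command>"). Not real host data.
SAMPLE_SHELL_LOG = """\
2025-01-14T04:40:01Z shell[1001]: [root]: esxcli system version get
2025-01-14T04:40:07Z shell[1001]: [root]: esxcli system syslog config set --loghost=
2025-01-14T04:40:12Z shell[1001]: [root]: vim-cmd vmsvc/getallvms
2025-01-14T04:40:15Z shell[1001]: [root]: vim-cmd vmsvc/power.off 12
2025-01-14T04:40:20Z shell[1001]: [root]: esxcli vm process kill --type=force --world-id=2099
2025-01-14T04:40:31Z shell[1001]: [root]: esxcli system settings advanced set -o /User/execInstalledOnly -i 0
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) shell\[(?P<pid>\d+)\]: \[(?P<user>[^\]]+)\]: (?P<cmd>.*)$"
)


@dataclass(frozen=True)
class Rule:
    """One detection. contains_all mirrors Sigma's 'contains|all' modifier:
    every substring must occur in the command, matched case-insensitively."""
    title: str
    contains_all: tuple
    level: str = "high"


# Hypothetical rules written for this example (not the toolkit's Sigma rules).
RULES = (
    Rule("ESXi remote syslog host cleared", ("esxcli system syslog config set", "--loghost=")),
    Rule("ESXi VM powered off via vim-cmd", ("vim-cmd vmsvc/power.off",)),
    Rule("ESXi VM process force-killed", ("esxcli vm process kill", "--type=force")),
    Rule("ESXi execInstalledOnly disabled", ("/User/execInstalledOnly", "-i 0")),
)


def parse_line(line):
    """Return a dict of the line's fields, or None if it is not a shell.log entry."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def rule_matches(rule, cmd):
    """Sigma 'contains' is case-insensitive by default, so compare lowercased."""
    lowered = cmd.lower()
    return all(token.lower() in lowered for token in rule.contains_all)


def match_rules(log_text, rules=RULES):
    """Run every rule over every parseable line; return one hit per (line, rule)."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:  # unparseable lines are skipped, not silently matched
            continue
        for rule in rules:
            if rule_matches(rule, entry["cmd"]):
                hits.append({
                    "ts": entry["ts"],
                    "user": entry["user"],
                    "rule": rule.title,
                    "level": rule.level,
                    "cmd": entry["cmd"],
                })
    return hits


def hit_titles(log_text, rules=RULES):
    """Convenience: the ordered list of rule titles that fired."""
    return [h["rule"] for h in match_rules(log_text, rules)]


if __name__ == "__main__":
    for hit in match_rules(SAMPLE_SHELL_LOG):
        print(f'{hit["ts"]} {hit["level"]:<6} {hit["rule"]}: {hit["cmd"]}')
```

The two benign lines (`esxcli system version get`, `vim-cmd vmsvc/getallvms`) fire nothing, which is the check worth keeping in a test: a rule that also matches routine inventory commands will be tuned out by operators long before an intrusion. The same structure extends to any other ESXi log source once you know its line shape; the parse step is what answers "do you have the right logs" before the rule logic ever runs.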