| Attack vector | Defensive tool | AniNIX Selection | | ------------- | -------------- | ----------------- | | Worms, virus | AV | Sharingan(ClamAV) | | Ransomware | Backups | Aether | | Trojan/Shims | code signing | GPG | | Rootkits | rkhunter/ASLR | | | keylogger | HIDS | Sharingan(ossec) | | Adware/spyware| DNS Blackhole | Pihole | | Shodan IoT | dedicated VLAN | 10.0.2.0/24 | | RATs | NIDS | Sharingan(zeek) | | Logic bomb | HA/Peer review |Inquisitorius(Git) | | Backdoors | Vuln scanners | OpenVAS | | SOCENG, phish | DLP (weak), edu| Markdown | | Nmap | Firewall | nftables | | DDoS | Cloudflare | Offline Git/DL | | DPI / MITM | Encryption | OpenSSH | | Buf overflow | ASLR | SAST/DAST | | XSS/XSRF | WAF / CSP | ??? | | ARP poison/amp| Managed switch | | | DNS hijack | DNS over HTTPS | Pihole 1.1.1.1 | | MitM | SSL | Let's Encrypt | | Zero day | Pentesting | Kali | | Spoofing | Physsec | | |Wireless replay| Strong creds | WPA2/AES, radiusd | | IV | Strong creds | WPA2/AES, radiusd | | Evil twin, etc| Wifi scanning | monitored Rpi NIC | | WPS | Don't. | | | Bluejacking | Don't Bluetooth| | | De-auth | 802.11x | | | B-day/rainbow | large hash | | | Dict., BF | 8x4 | Sora pwdPolicy | | Online BF | IPS |Sharingan(sshguard)| | PTH / replay | nonce salting | OpenSSH/SSL conf | | Weak implement|VCS config audit| Foundation(Gitea) | | Hacktivist/APT| SIGINT, OSINT | Singularity(TTRSS)| | Insiders | Role/work RNG | N/A | | Tailgating | Trained guards | Martial Arts | | Asset sprawl | IPAM w/ audits | Inventories | | 1.6 | Patching |Ubiqtorate(Ansible)|