Initial commit - 611 cybersecurity skills across all subdomains

This commit is contained in:
mukul975
2026-02-25 10:47:44 +01:00
commit 22a7ab1462
1765 changed files with 280648 additions and 0 deletions
@@ -0,0 +1,20 @@
# Standards Reference: Mobile Malware Detection
## OWASP Mobile Top 10 2024
| ID | Risk | Malware Relevance |
|----|------|-------------------|
| M2 | Inadequate Supply Chain Security | Trojanized apps, repackaged malware |
| M8 | Security Misconfiguration | Excessive permissions enabling malware |
## NIST SP 800-163 Rev 1
- Section 5: Mobile app vetting for malware indicators
- Section 6: Enterprise mobile device management for malware prevention
## MITRE ATT&CK Mobile Matrix
| Tactic | Technique | Indicator |
|--------|-----------|-----------|
| Initial Access | T1444: Masquerade as Legitimate App | App name/icon spoofing |
| Collection | T1412: Capture SMS Messages | SMS permission + network |
| Exfiltration | T1437: Standard Application Layer Protocol | HTTP POST to C2 |
| Command and Control | T1437.001: Web Protocols | HTTPS beaconing |
| Impact | T1471: Data Encrypted for Impact | File encryption + ransom |
@@ -0,0 +1,18 @@
# Workflows: Mobile Malware Detection
## Workflow 1: Malware Triage Pipeline
```
[Receive sample] --> [Hash & VirusTotal check] --> [Known malware?]
/ \
[Yes: Report] [No: Continue]
|
[MobSF static scan] --> [Permission analysis]
|
[Dynamic execution in sandbox]
[Network monitoring]
[Behavior monitoring with Frida]
|
[Classify malware type]
[Extract IOCs (domains, IPs, hashes)]
[Generate report]
```