Blue Team Menu
Blue Team Menu is born for organizing in pretty manner the main security defensive tools that users need to start their Blue Team activity. It is deployed in different manner according to the installed environment.
In GNOME, it consists of two levels:
- 1st level containing the NIST Cybersecurity Framework phases
- 2nd level consisting of defensive tools deployed for each NIST category
Blue Team menu can be accessed by CTRL+ALT+A.
In details:
| Identify | Spiderfoot | Wapiti | Maltego | OWASP ZAP | Searchsploit | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Protect | ClamAV | Firewall Builder | ||||||||
| Detect | SentryPeer | |||||||||
| Respond | Foremost | Wireshark | OllyDbg | netsniff-ng | Mactime | ILS | ICAT | Guymager | Ghidra | Galleta |
| Recover | Scrounge NTFS |
In other environments, it reflects the classic menu layout in Linux. For example:
At the beginning, these tools are not installed to avoid that users would store in the disk space installed tools or services that never use. For users that would like to get these main tools, the Blue Teamer role must be chosen on the Welcome App.