When analyzing any system, it is important to ensure that your actions do not alter or damage the system under review. That is a noble goal, but not always a realistic one. To be able to deconflict afterwards who did what, and how, we recommend recording every analyst session with the script command, which captures the full terminal input and output to a typescript file.
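As an added example (not code from the original page), here is a small POSIX shell wrapper around the util-linux script(1) command that names each recording after the case, host, analyst and UTC time, writes a timing file for later replay with scriptreplay(1), and seals the finished log with a SHA-256 digest so it can be trusted during deconfliction. CASE_DIR, evidence_log_name, seal_log and record_session are names chosen for this example; the -t timing option is util-linux specific (on macOS script(1) uses -r/-p instead).

```shell
#!/bin/sh
# Added example: record every analyst session on a system under review with
# script(1) and seal the log, so "who ran what, when" can be answered later.
# CASE_DIR and the function names below are this example's own assumptions.

CASE_DIR="${CASE_DIR:-/var/tmp/evidence}"   # assumed location; override per engagement

# Build a log file name that records who, where and when:
#   <CASE_DIR>/<case>_<host>_<user>_<UTC timestamp>.log
evidence_log_name() {
    case_id="$1"; host="$2"; user="$3"; stamp="$4"
    printf '%s/%s_%s_%s_%s.log\n' "$CASE_DIR" "$case_id" "$host" "$user" "$stamp"
}

# Print the SHA-256 digest of a finished log, using whichever tool the host has.
seal_log() {
    f="$1"
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$f" | cut -d' ' -f1
    else
        shasum -a 256 "$f" | cut -d' ' -f1
    fi
}

# Start a recorded shell for the given case id. script(1) captures everything
# typed and printed; -q suppresses its banner, -a appends if the analyst has to
# reconnect, and -t (util-linux) writes timing data to stderr, which we redirect
# to a .timing file so the session can be replayed with scriptreplay(1).
# When the recorded shell exits, the log is hashed and the digest stored beside it.
record_session() {
    case_id="$1"
    mkdir -p "$CASE_DIR"
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    log=$(evidence_log_name "$case_id" "$(hostname)" "$(id -un)" "$stamp")
    script -q -a -t 2>"${log%.log}.timing" "$log"
    seal_log "$log" > "$log.sha256"
    printf 'session recorded in %s, digest in %s.sha256\n' "$log" "$log"
}

# Usage (interactive, so not run at load time):
#   . ./record_session.sh
#   record_session IR-2024-0001
```

Copy the .log, .timing and .sha256 files off the host as soon as the session ends; the digest only helps if it was taken before anyone else could touch the log.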
To check for Unix system vulnerabilities, we recommend the tools listed below:
Both are formidable tool sets, and both are freely available.
de Mendonça, João Collier. How to Rock with DNS: Patterns for Detection and Faster Spotting of Malicious Activities
Roberts, Keelyn. Finding Evil in DNS Traffic
Roberts, Scott. Awesome IOCs
Taylor, Austin. Detect Beaconing with Flare, Elastic Stack, and Intrusion Detection Systems
Ueltschi, Tom. Advanced Incident Detection and Threat Hunting using Sysmon and Splunk