Execution Blueprint

1. Recon: nmap --script ssl-enum-ciphers—cipher audit.

2. Exploit: sqlmap -u target --tamper=space2comment—SQLi bypass.

3. Harden: sysctl -w net.ipv4.conf.all.rp_filter=1—spoof block.

4. Monitor: Prometheus—node_cpu_seconds_total{mode="idle"}.

5. Respond: TheHive—case API triggers.