Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.
In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.
The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.
FOLDER | DESCRIPTION |
---|---|
Actor's Name | Description of activities, operation details, TTPs and Tools used |
Commands | Repository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates |
Payload locations | Repository designed to inform locations commonly used to execute ransomware and other threats |
The aim is to map all possible strategies adopted by Ransomware operators and contributions are welcome!