crocodyli / ThreatActors-TTPs
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
☆285Updated last week
Alternatives and similar repositories for ThreatActors-TTPs:
Users that are interested in ThreatActors-TTPs are comparing it to the libraries listed below
- A collection of phishing samples for researchers and detection developers.☆304Updated 3 months ago
- ☆173Updated last year
- CLI tools for forensic investigation of Windows artifacts☆328Updated 5 months ago
- A tool matrix for Russian APTs based on the Ransomware Tool Matrix☆202Updated 4 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆49Updated this week
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For…☆189Updated last month
- This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation inc…☆626Updated last week
- A collection of CVEs weaponized by ransomware operators☆111Updated 2 weeks ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆183Updated 3 months ago
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!☆227Updated 2 weeks ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 11 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆196Updated 9 months ago
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆333Updated 7 months ago
- Advanced Bash script designed for conducting digital forensics on Linux systems☆141Updated 11 months ago
- ☆158Updated last year
- MISP Playbooks☆189Updated last month
- A repository of advice and guides to share with friends and family who are concerned about their safety during online activities and the …☆125Updated last year
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆184Updated last month
- ☆237Updated 2 months ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆120Updated last year
- An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz☆351Updated last week
- An open-source self-hosted purple team management web application.☆265Updated this week
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆221Updated 8 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆409Updated 2 weeks ago
- Free training course offered at Hack Space Con 2023☆138Updated last year
- A RedTeam Toolkit☆394Updated this week
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Updated 4 months ago
- ☆447Updated 2 weeks ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆147Updated 6 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆153Updated 10 months ago