This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.
In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.
The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.
STRUCTURE OF THE REPOSITORY
FOLDER | DESCRIPTION |
---|---|
Actor’s Name | Description of activities, operation details, TTPs and Tools used |
Commands | Repository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates |
Payload locations | Repository designed to inform locations commonly used to execute ransomware and other threats |