This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.

In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.

The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.

STRUCTURE OF THE REPOSITORY

FOLDERDESCRIPTION
Actor’s NameDescription of activities, operation details, TTPs and Tools used
CommandsRepository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates
Payload locationsRepository designed to inform locations commonly used to execute ransomware and other threats

LEAVE A REPLY

Please enter your comment!
Please enter your name here