This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.
In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.
The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.
| FOLDER | DESCRIPTION |
|---|---|
| Actor’s Name | Description of activities, operation details, TTPs and Tools used |
| Commands | Repository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates |
| Payload locations | Repository designed to inform locations commonly used to execute ransomware and other threats |
Squid is a full-featured caching proxy server that supports HTTP, HTTPS, and FTP. It is most…
Chromium is a fast, lightweight, open-source web browser developed primarily by Google. It serves as the…
MySQL Workbench is a cross-platform graphical tool for MySQL database administration. It brings together everything a…
NFS (Network File System) is a distributed file sharing protocol that lets you mount remote directories…
VirtualBox is an open-source, cross-platform virtualization application that lets you run multiple operating systems simultaneously on…
SSH (Secure Shell) is a cryptographic network protocol that creates a secure, encrypted connection between your…