This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.
In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.
The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.
| FOLDER | DESCRIPTION |
|---|---|
| Actor’s Name | Description of activities, operation details, TTPs and Tools used |
| Commands | Repository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates |
| Payload locations | Repository designed to inform locations commonly used to execute ransomware and other threats |
Java remains one of the most widely used programming platforms for servers, enterprise applications, Android…
Ubuntu users often download software directly from developer websites instead of using the default app…
Installing Ubuntu 26.04 LTS is only the first step toward building a smooth, secure, and…
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…
When people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…