THREAT ACTORS - TTPs

This repository was created with the aim of assisting companies and independent researchers about Tactics, Techniques and Procedures adopted by Ransomware Operators/Groups active or not and also threat actors that are operating in society.

In addition to mapping Tactics, Techniques and Procedures, I am inserting data on commands, tools, useful locations for researching artifacts and others.

The main focus is to assist organizations and individual researchers on each type of actor, providing a summary of their trajectory and additional information that can be used.

STRUCTURE OF THE REPOSITORY

FOLDER	DESCRIPTION
Actor's Name	Description of activities, operation details, TTPs and Tools used
Commands	Repository intended to insert commands captured based on DFIR and CTI activities of Threat Actors, Ransomware groups and affiliates
Payload locations	Repository designed to inform locations commonly used to execute ransomware and other threats

Questions: https://twitter.com/crocodylii

The aim is to map all possible strategies adopted by Ransomware operators and contributions are welcome!

Name		Name	Last commit message	Last commit date
Latest commit History 261 Commits
3AM		3AM
8base		8base
ALPHV-BlackCat		ALPHV-BlackCat
Akira		Akira
BianLian		BianLian
BlackBasta		BlackBasta
Cactus Ransomware		Cactus Ransomware
Cl0p		Cl0p
Comandos		Comandos
CrossLock		CrossLock
Cuba		Cuba
HsHarada		HsHarada
Hunters International		Hunters International
LockBit		LockBit
Magaskosh		Magaskosh
Play		Play
Rhysida		Rhysida
Yashma-Ator-Vietnamita		Yashma-Ator-Vietnamita
README.md		README.md

crocodyli/ThreatActors-TTPs

Folders and files

Latest commit

History

Repository files navigation

THREAT ACTORS - TTPs

STRUCTURE OF THE REPOSITORY

Questions: https://twitter.com/crocodylii

About

Topics

Resources

Stars

Watchers

Forks