Ransomware Tool Matrix

Free
The Ransomware Tool Matrix is a comprehensive repository that catalogs the tools and techniques used by various ransomware gangs and extortionist groups. It serves multiple purposes:

1. Provides a list of tools for threat hunting in environments.
2. Offers leads for incident response engagements.
3. Helps identify patterns of behavior among ransomware affiliates.
4. Serves as a resource for threat intelligence-led purple team engagements.

The matrix includes categories such as RMM Tools, Exfiltration Tools, Credential Theft Tools, Defense Evasion Tools, Networking Tools, Discovery Tools, Offensive Security Tools, and Living-off-the-Land Binaries and Scripts. It also contains threat intelligence sources, profiles of ransomware groups, and additional resources for understanding ransomware adversaries.

While useful for cybersecurity professionals, the matrix comes with challenges, such as distinguishing between legitimate and malicious use of listed tools within an organization.

ALTERNATIVES

A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data

A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.

yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.

An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.

Repository of Yara Rules created by TjNel.

Repository of YARA rules for identifying and classifying malware.

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.