The Ransomware Tool Matrix is a comprehensive repository that catalogs the tools and techniques used by various ransomware gangs and extortionist groups. It serves multiple purposes: 1. Provides a list of tools for threat hunting in environments. 2. Offers leads for incident response engagements. 3. Helps identify patterns of behavior among ransomware affiliates. 4. Serves as a resource for threat intelligence-led purple team engagements. The matrix includes categories such as RMM Tools, Exfiltration Tools, Credential Theft Tools, Defense Evasion Tools, Networking Tools, Discovery Tools, Offensive Security Tools, and Living-off-the-Land Binaries and Scripts. It also contains threat intelligence sources, profiles of ransomware groups, and additional resources for understanding ransomware adversaries. While useful for cybersecurity professionals, the matrix comes with challenges, such as distinguishing between legitimate and malicious use of listed tools within an organization.
FEATURES
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
ALTERNATIVES
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
Real-time, container-based file scanning system for threat hunting and incident response.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
Akamai Hunt is a managed threat hunting service that detects and remediates evasive security risks in network environments using data analysis, AI, and expert investigation.
A repository to aid Windows threat hunters in looking for common artifacts.