Ransomware Tool Matrix Logo

Ransomware Tool Matrix

0
Free
Visit Website

The Ransomware Tool Matrix is a comprehensive repository that catalogs the tools and techniques used by various ransomware gangs and extortionist groups. It serves multiple purposes: 1. Provides a list of tools for threat hunting in environments. 2. Offers leads for incident response engagements. 3. Helps identify patterns of behavior among ransomware affiliates. 4. Serves as a resource for threat intelligence-led purple team engagements. The matrix includes categories such as RMM Tools, Exfiltration Tools, Credential Theft Tools, Defense Evasion Tools, Networking Tools, Discovery Tools, Offensive Security Tools, and Living-off-the-Land Binaries and Scripts. It also contains threat intelligence sources, profiles of ransomware groups, and additional resources for understanding ransomware adversaries. While useful for cybersecurity professionals, the matrix comes with challenges, such as distinguishing between legitimate and malicious use of listed tools within an organization.

FEATURES

ALTERNATIVES

A Python library for handling TAXII v1.x Messages and invoking TAXII Services.

TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

API for querying domain security information, categorization, and related data.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring.

A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.

Threat intelligence platform providing real-time threat data and insights.