mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
add several tools and refs
This commit is contained in:
parent
954264c084
commit
14444e4321
3 changed files with 30 additions and 9 deletions
|
@ -286,7 +286,8 @@
|
|||
"refs": [
|
||||
"https://securelist.com/securelist/files/2016/02/KL_AdwindPublicReport_2016.pdf",
|
||||
"https://www.f-secure.com/v-descs/backdoor_java_adwind.shtml",
|
||||
"https://blog.fortinet.com/2016/08/16/jbifrost-yet-another-incarnation-of-the-adwind-rat"
|
||||
"https://blog.fortinet.com/2016/08/16/jbifrost-yet-another-incarnation-of-the-adwind-rat",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"UNRECOM",
|
||||
|
@ -724,7 +725,8 @@
|
|||
"date": "2014",
|
||||
"refs": [
|
||||
"https://github.com/quasar/QuasarRAT",
|
||||
"https://researchcenter.paloaltonetworks.com/2017/10/unit42-tracking-subaat-targeted-phishing-attacks-point-leader-threat-actors-repository/"
|
||||
"https://researchcenter.paloaltonetworks.com/2017/10/unit42-tracking-subaat-targeted-phishing-attacks-point-leader-threat-actors-repository/",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3278,5 +3280,5 @@
|
|||
"value": "NukeSped"
|
||||
}
|
||||
],
|
||||
"version": 20
|
||||
"version": 21
|
||||
}
|
||||
|
|
|
@ -105,7 +105,8 @@
|
|||
"https://www.proofpoint.com/us/exploring-bergard-old-malware-new-tricks",
|
||||
"http://www.isightpartners.com/2015/02/codoso/#sthash.VJMDVPQB.dpuf",
|
||||
"http://researchcenter.paloaltonetworks.com/2016/01/new-attacks-linked-to-c0d0s0-group/",
|
||||
"https://www.nytimes.com/2016/06/12/technology/the-chinese-hackers-in-the-back-office.html"
|
||||
"https://www.nytimes.com/2016/06/12/technology/the-chinese-hackers-in-the-back-office.html",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"C0d0so",
|
||||
|
@ -995,7 +996,8 @@
|
|||
"country": "CN",
|
||||
"refs": [
|
||||
"http://researchcenter.paloaltonetworks.com/2017/02/unit42-menupass-returns-new-malware-new-attacks-japanese-academics-organizations/",
|
||||
"https://www.cfr.org/interactive/cyber-operations/apt-10"
|
||||
"https://www.cfr.org/interactive/cyber-operations/apt-10",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT10",
|
||||
|
@ -5999,5 +6001,5 @@
|
|||
"value": "EvilTraffic"
|
||||
}
|
||||
],
|
||||
"version": 76
|
||||
"version": 77
|
||||
}
|
||||
|
|
|
@ -677,7 +677,8 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/gentilkiwi/mimikatz",
|
||||
"https://researchcenter.paloaltonetworks.com/2017/07/unit42-twoface-webshell-persistent-access-point-lateral-movement/"
|
||||
"https://researchcenter.paloaltonetworks.com/2017/07/unit42-twoface-webshell-persistent-access-point-lateral-movement/",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"Mikatz"
|
||||
|
@ -2049,9 +2050,15 @@
|
|||
"value": "Hoardy"
|
||||
},
|
||||
{
|
||||
"description": "HUC Packet Transmitter (HTran) is a proxy tool, used to intercept and redirect Transmission Control Protocol (TCP) connections from the local host to a remote host. This makes it possible to obfuscate an attacker's communications with victim networks. The tool has been freely available on the internet since at least 2009.\nHTran facilitates TCP connections between the victim and a hop point controlled by an attacker. Malicious cyber actors can use this technique to redirect their packets through multiple compromised hosts running HTran, to gain greater access to hosts in a network",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.secureworks.com/research/threats/htran/"
|
||||
"http://www.secureworks.com/research/threats/htran/",
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"HUC Packet Transmitter",
|
||||
"HTran"
|
||||
]
|
||||
},
|
||||
"uuid": "f3bfe513-2a65-49b5-9d64-a66541dce697",
|
||||
|
@ -7384,7 +7391,17 @@
|
|||
},
|
||||
"uuid": "9972d4c4-d6c6-11e8-867e-87b4a45aa76d",
|
||||
"value": "August"
|
||||
},
|
||||
{
|
||||
"description": "China Chopper is a publicly available, well-documented web shell, in widespread use since 2012.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf"
|
||||
]
|
||||
},
|
||||
"uuid": "1ac4a966-0c74-46d5-b7e1-a40f4c681bc8",
|
||||
"value": "China Chopper"
|
||||
}
|
||||
],
|
||||
"version": 98
|
||||
"version": 99
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue