diff --git a/README.md b/README.md index fa11ee3..8036b78 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,9 @@ to localized information (which is not shared) or additional information (that c # Available clusters +- [clusters/exploit-kit.json](clusters/exploit-kit.json) - Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits. It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years - [clusters/microsoft-activity-group.json](clusters/microsoft-activity-group.json) - Activity groups as described by Microsoft +- [clusters/tds.json](clusters/tds.json) - TDS is a list of Traffic Direction System used by adversaries. - [clusters/threat-actor.json](clusters/threat-actor.json) - Adversary groups - Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign. MISP - [clusters/tool.json](clusters/tool.json) - tool is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries. MISP