Déborah Servili
531595c944
##comma##
2017-04-14 14:52:23 +02:00
Déborah Servili
54512eb840
Add some tools/threat actor
2017-04-14 14:48:39 +02:00
Déborah Servili
9412519502
correct copypasta mistake
2017-04-12 16:11:57 +02:00
Déborah Servili
bbc2b79a5e
add tools from https://www.fireeye.com/blog/threat-research/2017/04/apt10_menupass_grou.html
2017-04-12 16:07:48 +02:00
Déborah Servili
8a645f42c9
update tool
2017-04-11 16:06:27 +02:00
Déborah Servili
7b5aaaeff2
json fix
2017-04-11 14:18:29 +02:00
Déborah Servili
eee2c6d6b5
update tool's galaxy using http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html
2017-04-11 14:09:44 +02:00
bbf6716c73
Longhorn (CIA) added
2017-04-10 20:22:57 +02:00
ab5b73a3cd
Sathurbot added
2017-04-06 20:49:53 +02:00
8c09223477
The product from NSO Group Technologies added to the list of tools.
...
The Pegasus name is used as synonym of Chrysaor ;-)
2017-04-04 20:42:08 +02:00
0578d7b7b1
The mysterious ZIRCONIUM activity group added
2017-04-03 19:44:36 +02:00
nyx0
78cdb10aae
Add new Sednit name according to https://www.secureworks.com/research/iron-twilight-supports-active-measures
2017-03-31 09:28:50 -04:00
b3f1069686
Trochilus and MoonWind RATs added
2017-03-30 15:01:23 +02:00
f0e42a1818
KHRAT added
2017-03-29 16:37:31 +02:00
chrisdoman
dbf989c742
Added descriptions and reference to threat-actor json
2017-03-22 12:52:05 +00:00
Raphaël Vinot
e1b5701351
JQ all the things
2017-03-16 17:31:43 +01:00
Raphaël Vinot
0d8d265319
Fix typo.
2017-03-16 17:27:17 +01:00
CERT-Bund
4112a041f7
Added groups, joined groups, added synonyms (see extended description)
...
Added: HammerPanda, Barium, Infy, Sima, Groundbait
Joined: StrongPity and Promethium
Synonyms: Lead as Winnti, Moonlight as MoleRats, FalloutTeam as DarkHotel, DustStorm as StonePanda, Skipper and Popeye as Pacifier
2017-03-16 17:02:55 +01:00
71ad9099c4
IMEIJ added
2017-03-13 13:59:46 +01:00
e002e62204
missing \n at the end of the file
2017-03-01 14:55:45 +01:00
Chris Doman
9e5c983a65
Ran jq
2017-03-01 13:24:00 +00:00
Chris Doman
e934f88b3b
Added references
...
Mostly added references to existing groups
Capitalised DarkHotel, put a space in APT30 default name (the others
had that)
2017-03-01 12:53:52 +00:00
a224c7ce5e
add: Gamaredon Group added
2017-02-28 09:17:33 +01:00
Christophe Vandeplas
048b831f53
minor correction
2017-02-27 11:00:48 +01:00
Thanat0s
07cc13feb8
remove duplicate of ratdecode import
2017-02-27 00:38:39 +01:00
Thanat0s
9eb2d097f2
add a bunch of rat from ratdecoder list
2017-02-27 00:23:56 +01:00
Thanat0s
849ca3ebbc
Pimp Epic turla
2017-02-26 23:38:50 +01:00
Thanat0s
f1ea577e95
pimp and agreggate turla
2017-02-26 23:24:51 +01:00
Thanat0s
3774f05237
Somes alias fetch from : https://attack.mitre.org/wiki/Groups
2017-02-26 23:07:42 +01:00
Thanat0s
2d658a6577
pimp comrat
2017-02-26 22:53:51 +01:00
Thanat0s
b865342f2e
pimp xneteagle
2017-02-26 22:47:16 +01:00
Thanat0s
f4584f3900
pimp xscontrol
2017-02-26 22:41:51 +01:00
Thanat0s
b400edbe9b
Update Xagent from aptnote Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web(02-23-2017)
2017-02-26 20:40:44 +01:00
Thanat0s
51eee31c21
Pimp lecna/Backspace
2017-02-26 20:16:59 +01:00
Thanat0s
0d0ba42f15
Pimp lecna/Backspace
2017-02-26 20:16:46 +01:00
Thanat0s
cdc80e5596
Pimp RarStone
2017-02-26 20:02:34 +01:00
Thanat0s
ca68abc0e8
Pimp Pirpi. Hard to say:)
2017-02-26 19:56:17 +01:00
Thanat0s
6e78746a6c
pimp webc2
2017-02-26 19:37:10 +01:00
Thanat0s
0775bfce62
pimp winnti
2017-02-26 19:26:21 +01:00
Thanat0s
8de827977c
Pimp nettraveler
2017-02-26 19:21:41 +01:00
Thanat0s
7d62d8c3e7
cleanup zeus duplicate in alias and name
2017-02-26 17:08:43 +01:00
Thanat0s
93df12be35
update apt28 tools
2017-02-26 17:06:19 +01:00
Thanat0s
afe682cf3f
Remove duplicate AlienSpy
2017-02-26 16:52:59 +01:00
Thanat0s
47903f8394
add info to the famous mimikatz
2017-02-25 02:28:43 +01:00
Thanat0s
d4e3a08995
add moudor info
2017-02-25 02:22:30 +01:00
Thanat0s
3d79a82bf5
Add Tinba banking
2017-02-25 02:08:51 +01:00
Thanat0s
7eb98609a3
udpate trojan.main
2017-02-25 01:42:33 +01:00
Thanat0s
59b5ed6c1b
update evilgrab
2017-02-25 01:30:10 +01:00
Thanat0s
724e836ae9
remove coreshell duplicate
2017-02-25 01:18:03 +01:00
Thanat0s
e98de5cb5e
add derusbi
2017-02-25 01:12:42 +01:00