Utilities

This repository contains tools used by 401trg.

Our public PGP Key can be found here.

Reports

| Published | Post | Utilities | |-------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------| | May 03, 2018 | Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers | | | Apr 02, 2018 | Building a Data Lake for Threat Research | | | Feb 22, 2018 | Analysis of Active Satori Botnet Infections | | | Dec 20, 2017 | An Introduction to SMB for Network Security Analysts| | | Nov 28, 2017 | Triaging Large Packet Captures - Methods for Extracting & Analyzing Domains | popularDomains.py | | Nov 14, 2017 | Using Emerging Threats Suricata Ruleset to Scan PCAP | suricata_et_rule_update.py | | Nov 01, 2017 | Exposing a Phishing Kit | | | Oct 26, 2017 | Large Scale IRCbot Infection Attempts | | | Oct 16, 2017 | An Update on Winnti | | | Oct 10, 2017 | Turla Watering Hole Campaigns 2016/2017 | | | Oct 02, 2017 | Identifying and Triaging DNS Traffic on Your Network| | | Sept 28, 2017 | Triaging Large Packet Captures - 4 Key TShark Commands to Start Your Investigation | | | Jul 11, 2017 | Winnti (LEAD/APT17) Evolution - Going Open Source | |

License

All data is provided under Apache License, Version 2.0 which can be found here.