Name | Tags | Incidents | Techniques |
---|---|---|---|
Commercial, Dual-use | |||
Enumeration, Active Directory | |||
RAT | |||
Ransomware | |||
Attacker-side, Toolkit | |||
Toolkit | |||
Toolkit | |||
Trojan, Malware | |||
Commercial, Dual-use | |||
OffSec, Dual-use | |||
Webshell | |||
OffSec, K8s, Attacker-side, Dual-use | |||
Cryptominer, Cloud | |||
OffSec, Toolkit, Attacker-side, Dual-use | |||
OffSec, Toolkit, Attacker-side, Cloud, Dual-use | |||
Ransomware | |||
Malware, Backdoor | |||
Webshell | |||
Ransomware | |||
Toolkit | |||
OffSec, Dual-use | |||
Malware | |||
Malware | |||
Dual-use | |||
Malware | |||
Cryptominer | |||
Cryptominer | |||
Ransomware, Malware | |||
OffSec, K8s, Dual-use | |||
Backdoor, Linux | |||
Worm, Cryptominer | |||
Backdoor | |||
RAT | |||
Ransomware | |||
Webshell | |||
Proxy | |||
Trojan | |||
Ransomware | |||
OffSec, Cloud, Dual-use | |||
OffSec, Attacker-side, Cloud, Dual-use | |||
Rootkit | |||
OffSec, Dual-use | |||
Reverse shell, Malware | |||
OffSec, Dual-use | Apache server Cryptojacking with Cobalt Strike; Widespread TeamCity exploitation (March ‘24); Agenda Ransomware Targets ESXi and vCenter Servers; Ransomware operators exploit ESXi vulnerability; Storm-0501 Targeting Hybrid Environments with Ransomware; Earth Kasha’s Campaign Exploiting Fortinet Vulnerability; Cleo Vulnerabilities Targeted by Cl0p Ransomware; PHP-CGI Vulnerability Exploited in Attacks Targeting Japan; Operation LongFang; Earth Lamia Custom Toolkit Targets Multiple Sectors via Web Vulnerabilities; UTG-Q-015 Exploits 0-Days for Espionage in Asia; UAT-7237 Targets Taiwanese Web Infrastructure Using Customized Open-Source Tools | ||
Cryptominer | |||
OffSec, Dual-use | |||
Dual-use | |||
Backdoor, Malware | |||
Ransomware | |||
Webshell | |||
Malware, RAT | |||
Malware | |||
DDoS | |||
Backdoor | |||
Malware, Windows | |||
Malware | |||
Cryptominer | |||
Toolkit, OffSec, Cloud, Dual-use | |||
Cryptominer | |||
Webshell | |||
Rootkit | |||
RAT | |||
Backdoor | |||
Proxy | |||
Botnet | |||
Toolkit, Windows, Linux, Malware | |||
OffSec, Dual-use | |||
Toolkit, OffSec, Cloud, Dual-use | |||
Windows | |||
Dropper | |||
Toolkit, Malware, Attacker-side | |||
Commercial | |||
Proxy, Cloud | |||
Backdoor, Linux, Rootkit | |||
Commercial | |||
Ransomware | |||
Webshell | |||
Proxy | |||
OffSec, Dual-use | |||
Rootkit | |||
Toolkit, CI/CD, Dual-use | |||
Malware, RAT | |||
Malware | |||
Cryptominer | |||
Botnet | |||
Webshell | From WSO2 RCE to SSH lateral movement; From ActiveMQ to Godzilla webshell; RedJuliett Exploiting VPN and Firewall Vulnerabilities; Earth Baku campaign; Godzilla Backdoor Exploiting Confluence Vulnerability; DragonRank Targeting IIS Web Servers; Code Injection Attacks Exploiting Publicly Disclosed ASP.NET Keys; Attacks on Korean IIS & Linux Servers | ||
Botnet | |||
Worm, Cryptominer | |||
Toolkit, Attacker-side | |||
OffSec, Dual-use | |||
Cryptominer | |||
Cryptominer | |||
DDoS, Botnet | |||
Ransomware | |||
Ransomware | |||
OffSec, Dual-use | |||
OffSec, Toolkit, Dual-use | |||
OffSec, Dual-use | |||
Commercial, Dual-use, Proxy | |||
DDoS | |||
Cloud | |||
RAT | |||
OffSec, K8s, Dual-use | |||
K8s, OffSec, Dual-use | |||
OffSec, K8s, Dual-use | |||
OffSec, K8s, Dual-use | |||
OffSec, Dual-use | |||
OffSec, Malware | |||
Toolkit, Attacker-side | |||
OffSec, Toolkit, Cloud, Dual-use | |||
Malware, RAT, Reverse shell | |||
Malware, Backdoor | |||
OffSec, Dual-use | |||
OffSec, Dual-use | |||
Ransomware | |||
Cryptominer | |||
Botnet | |||
OffSec, Dual-use | |||
Ransomware | |||
Malware | |||
OffSec, Dual-use | |||
OffSec, Dual-use | |||
Ransomware | |||
Dual-use | RE#TURGENCE MSSQL Server RansomOp; Scattered Spider SaaS targeting (2024); DragonRank Targeting IIS Web Servers; SharePoint Vulnerability Exploited in-the-Wild; State-Sponsored APT Abuse Visual Studio Code in Attacks; Storm-0501 attacking hybrid environments with ransomware; PHP-CGI Vulnerability Exploited in Attacks Targeting Japan; Operation LongFang; UAT-7237 Targets Taiwanese Web Infrastructure Using Customized Open-Source Tools; Warlock Ransomware Exploiting Sharepoint Vulnerabilities | ||
OffSec, Malware, Dual-use | |||
OffSec, Dual-use | |||
Cryptominer | |||
Ransomware | |||
Malware, Trojan, RAT, Backdoor | |||
Dual-use | |||
Ransomware | |||
OffSec, Dual-use | |||
Reverse shell | |||
Botnet, Cryptominer | |||
RAT | |||
DDoS, Botnet | |||
Cryptominer | |||
OffSec, Dual-use | |||
Proxy, Dual-use | |||
OffSec, K8s, Dual-use | |||
Toolkit, Cloud, Dual-use | |||
OffSec, Dual-use | |||
Botnet | |||
OffSec, Dual-use | |||
Commercial, Dual-use, Proxy | |||
Dual-use | |||
Cryptominer | |||
OffSec, Proxy, Dual-use | |||
Ransomware | |||
OffSec, K8s, Dual-use | |||
Malware | |||
Rootkit | |||
Cloud | |||
OffSec, Dual-use | |||
Cryptominer | |||
OffSec, Dual-use | |||
OffSec, Dual-use | |||
Dual-use | |||
Dual-use | |||
Linux | |||
Botnet | |||
Malware, Cryptominer | |||
Malware | |||
Cryptominer, Malware | |||
OffSec, Dual-use | |||
OffSec, Dual-use | From PHP exploitation to AWS lateral movement; From PHP vuln to Sliver execution via cron; Cloudflare incident following Okta breach; Sliver deployment via Confluence vulnerability; TeamTNT’s Docker Gatling Gun Campaign; UNC5174 Linux Espionage Campaign; Ivanti EPMM RCE Vulnerability Chain Exploited in the Wild; DripDropper Malware Exploits Patched Apache ActiveMQ for Persistence on Cloud Linux Systems | ||
Linux, Rootkit | |||
Toolkit, Attacker-side | |||
Proxy, Dual-use | |||
Cryptominer | |||
OffSec, Worm, Dual-use | |||
OffSec, Toolkit, Cloud, Dual-use | |||
OffSec, K8s, Cloud, Dual-use | |||
Backdoor | |||
Backdoor, OffSec | |||
Cryptominer, Botnet | |||
Malware | |||
Dropper | |||
Ransomware | |||
OffSec, Dual-use | |||
Toolkit, Attacker-side | |||