Collection Chains


Release Date (Newest)
Filterfilter
Search for chains, TTPs, themes, and text

Browse By:

Platforms

  • All
  • Windows
  • Darwin
  • Linux
  • Global
  • Android

Themes

Tags

Licenses

Is my host protected against Seatbelt?

2023-01-24

/static/assets/windows-logo.svg
Deploy Seatbelt to enumerate the local system.
Is my host protected against Cuba Ransomware?

2022-12-27

/static/assets/windows-logo.svg
Stage and execute Cuba Ransomware.
Is my host protected against APT37?

2022-12-19

/static/assets/windows-logo.svg
Stage and execute APT37.
Is this host protected from Qakbot?

2022-08-15

/static/assets/windows-logo.svg
Emulates Qakbot's privilege escalation, defense evasion and data collection/exfiltration tactics.
APT38 Sony Hack

2022-05-24

/static/assets/windows-logo.svg
A Prelude portrayal of the 2014 hack on Sony attributed to APT38.
APT40 Find and Exfiltrate

2022-05-10

/static/assets/linux-logo.svg/static/assets/apple-logo.svg/static/assets/windows-logo.svg
Find and exfiltrate files that potentially contain cleartext usernames or passwords based on filename.
ExBox

2022-03-29

/static/assets/windows-logo.svg
Emulating RNC hack in 2021
APT29 Democratic National Committee

2022-03-01

/static/assets/windows-logo.svg
Emulating Cozy Bear's 2016 Democratic National Committee hack.
Conti Collect and Exfiltrate

2022-02-08

/static/assets/windows-logo.svg
Automatically collect information and exfiltrate with rclone to a cloud service.
Windows LotL Ransomware

2021-12-21

/static/assets/windows-logo.svg
Deploy a Windows live-off-the-land ransomware attack.
Linux LotL Ransomware

2021-12-14

/static/assets/linux-logo.svg
Deploy a linux live-off-the-land ransomware attack.
Android ADB Shell

2021-12-07

/static/assets/android-logo.svg
A first collection of TTPs for Android specifically targeting ADB shell commands
Vulnerable Certificates

2021-10-19

/static/assets/windows-logo.svg
Ingress, load, and run Certify to find vulnerable certificates.
JXA Modules

2021-10-05

/static/assets/apple-logo.svg
Use JXA to create a fully modular file-less implant that dynamically resolves and load modules at runtime.
SharpHound

2021-09-07

/static/assets/windows-logo.svg
Ingress, load, and run the SharpHound collector.
Kaseya VSA Attack

2021-08-16

/static/assets/windows-logo.svg
Side-load an agent using components of the REvil ransomware attack kill chain.
File Hunter

2021-08-10

/static/assets/windows-logo.svg/static/assets/linux-logo.svg/static/assets/apple-logo.svg
Automatically discover and prepare files for exfiltration.
Ransomware

2021-08-10

/static/assets/windows-logo.svg/static/assets/linux-logo.svg/static/assets/apple-logo.svg
Deploy a safe cross-platform ransomware attack.
GhostLoader

2021-07-06

/static/assets/windows-logo.svg
Use the "GhostLoader" technique to run assemblies compiled on the target system.