Command And Control Chains


Release Date (Newest)
Filterfilter
Search for chains, TTPs, themes, and text

Browse By:

Platforms

  • All
  • Windows
  • Darwin
  • Linux
  • Global
  • Android

Themes

Tags

Licenses

Is my host protected against APT37?

2022-12-19

/static/assets/windows-logo.svg
Stage and execute APT37.
Is my host protected against ngrok?

2022-12-13

/static/assets/linux-logo.svg/static/assets/apple-logo.svg/static/assets/windows-logo.svg
Stage and execute ngrok.
APT38 Pharmaceutical Attacks

2022-06-28

/static/assets/apple-logo.svg/static/assets/windows-logo.svg
Bypass MOTW execution restriction using a file archive.
GTsST Iron Viking AWFULSHRED

2022-06-22

/static/assets/linux-logo.svg
SSH worm which installs a wiper on the machine it has infected
APT38 CryptoSpy

2022-06-07

/static/assets/windows-logo.svg
Launch a pneuma agent hidden in a crypto ticker application.
APT38 Sony Hack

2022-05-24

/static/assets/windows-logo.svg
A Prelude portrayal of the 2014 hack on Sony attributed to APT38.
Spring4Shell

2022-04-21

/static/assets/terminal-logo.svg
Initial Access via Spring4Shell Exploit
APT40 maritime industry

2022-04-19

/static/assets/windows-logo.svg
Emulating APT40's malware persistence techniques.
APT40 defense industry

2022-04-12

/static/assets/windows-logo.svg
Emulating APT40's multi-stage macro-enabled documents.
Operation Ghost

2022-03-15

/static/assets/linux-logo.svg
Emulating APT 29 malware loader via steganography.
Sliver BOF and Execute-Assembly

2022-03-01

/static/assets/windows-logo.svg
Add a COFF loader, run BOFs and execute-assembly ttps.
Log4j Infrastructure

2022-01-13

/static/assets/linux-logo.svg
Stand up infrastructure to exploit CVE-2021-44228.
Vulnerable Certificates

2021-10-19

/static/assets/windows-logo.svg
Ingress, load, and run Certify to find vulnerable certificates.
B1-66ER (Discovery)

2021-10-12

/static/assets/linux-logo.svg
Perform discovery techniques to determine if an agent has access to a ML/DL environment.
JXA Modules

2021-10-05

/static/assets/apple-logo.svg
Use JXA to create a fully modular file-less implant that dynamically resolves and load modules at runtime.
B1-66ER (Initial Access)

2021-09-28

/static/assets/linux-logo.svg
Gain initial access by installing SciPy with concealed Schism agent
SharpHound

2021-09-07

/static/assets/windows-logo.svg
Ingress, load, and run the SharpHound collector.
JXA Access

2021-08-24

/static/assets/apple-logo.svg
Use JXA to load a file-less agent into memory and create persistence mechanisms on OS X.
Kaseya VSA Attack

2021-08-16

/static/assets/windows-logo.svg
Side-load an agent using components of the REvil ransomware attack kill chain.
Netsh Helper DLL

2021-08-10

/static/assets/windows-logo.svg
Create a Netsh helper DLL persistence.
Printnightmare

2021-08-10

/static/assets/windows-logo.svg
Escalate local privileges and spawn a SYSTEM-level agent by exploiting CVE-2021-34527 (PrintNightmare).
GhostLoader

2021-07-06

/static/assets/windows-logo.svg
Use the "GhostLoader" technique to run assemblies compiled on the target system.