Skip to content

DkumarSTL/AutonomousThreatSweeper

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

988 Commits
UAC0035_InvisiMole_targeting_Ukrainain_Government
UAC0035_InvisiMole_targeting_Ukrainain_Government
 
 
AKH_RAT_Loader
AKH_RAT_Loader
 
 
ALPHV_Ransomware_Affiliate_group_targets_VMware_ESXi
ALPHV_Ransomware_Affiliate_group_targets_VMware_ESXi
 
 
APT27_GermanCampaign
APT27_GermanCampaign
 
 
APT28_leveraging_malicious_program_CredoMap_v2
APT28_leveraging_malicious_program_CredoMap_v2
 
 
APT29_Abusing_Legitimate_Software_For_Targeted_Operations_In_Europe
APT29_Abusing_Legitimate_Software_For_Targeted_Operations_In_Europe
 
 
APT29_Bear_Tracks
APT29_Bear_Tracks
 
 
APT29_ElectionThemedFraudPhishingCampaign
APT29_ElectionThemedFraudPhishingCampaign
 
 
APT29_deploying_BEATDROP_and_BOOMMIC_downloaders
APT29_deploying_BEATDROP_and_BOOMMIC_downloaders
 
 
APT31
APT31
 
 
APT32_connection_with_StrikeSuit_Gift_malware_sourcecode
APT32_connection_with_StrikeSuit_Gift_malware_sourcecode
 
 
APT34_targets_Jordan_Government_using_new_Saitama_backdoor
APT34_targets_Jordan_Government_using_new_Saitama_backdoor
 
 
APT35_Log4jExploit
APT35_Log4jExploit
 
 
APT35_automates_Initial_Access_using_ProxyShell
APT35_automates_Initial_Access_using_ProxyShell
 
 
APT36_ATTACKCHAIN
APT36_ATTACKCHAIN
 
 
APT40
APT40
 
 
APT41_ColunmTK
APT41_ColunmTK
 
 
APT41_targeting_US_Government
APT41_targeting_US_Government
 
 
APTC53_or_Gamaredon_new_DDoS_Attack_mission
APTC53_or_Gamaredon_new_DDoS_Attack_mission
 
 
APT_FIN7_Malware
APT_FIN7_Malware
 
 
Abcbot
Abcbot
 
 
AbuseCh_Malware_Bazaar
AbuseCh_Malware_Bazaar
 
 
AcidRain_wiper_malware_targets_Viasat_KASAT_modems
AcidRain_wiper_malware_targets_Viasat_KASAT_modems
 
 
AdLoad
AdLoad
 
 
Ageddomains_SolarWinds
Ageddomains_SolarWinds
 
 
AgentTesla
AgentTesla
 
 
Agent_Tesla_RAT_campiagn
Agent_Tesla_RAT_campiagn
 
 
Agrius
Agrius
 
 
All_about_ITG23_Crypters
All_about_ITG23_Crypters
 
 
Analysis_of_Black_Basta_Ransomware
Analysis_of_Black_Basta_Ransomware
 
 
Analysis_of_the_HUI_Loader
Analysis_of_the_HUI_Loader
 
 
Andariel
Andariel
 
 
Aoqin_Dragon_Chinese_linked_APT_spying_for_10 years
Aoqin_Dragon_Chinese_linked_APT_spying_for_10 years
 
 
AridViperAPT_newcampaign
AridViperAPT_newcampaign
 
 
Arid_Viper_using_Arid_Gopher_malware
Arid_Viper_using_Arid_Gopher_malware
 
 
Arkei_Infostealer_utilizing_SmokeLoader
Arkei_Infostealer_utilizing_SmokeLoader
 
 
Armageddon_APT_deploys_new_malware_variant_against_Ukraine
Armageddon_APT_deploys_new_malware_variant_against_Ukraine
 
 
AsyncRAT_targeting_Colombian_Organisations
AsyncRAT_targeting_Colombian_Organisations
 
 
Asyncrat_newcampaign
Asyncrat_newcampaign
 
 
AtomSilo
AtomSilo
 
 
Attack_involving_SocGholish_and_Zloader
Attack_involving_SocGholish_and_Zloader
 
 
Attackers_Use_Event_Logs_to_Hide_Fileless_Malware
Attackers_Use_Event_Logs_to_Hide_Fileless_Malware
 
 
AutomCryptominingCampaign
AutomCryptominingCampaign
 
 
Avaddon
Avaddon
 
 
AvosLocker
AvosLocker
 
 
AvosLocker_Ransomware_new_variant_scans_for_Log4shell
AvosLocker_Ransomware_new_variant_scans_for_Log4shell
 
 
AvosLocker_group_new_variant_targets_Linux_systems
AvosLocker_group_new_variant_targets_Linux_systems
 
 
B1txor20_Botnet_exploits_Log4j_vulnerability
B1txor20_Botnet_exploits_Log4j_vulnerability
 
 
BABYSHARK_Malware
BABYSHARK_Malware
 
 
BITB_attack_impersonating_Indian_government_website
BITB_attack_impersonating_Indian_government_website
 
 
BLISTER_&_SocGholish_loaders_delivering_LockBit_Ransomware
BLISTER_&_SocGholish_loaders_delivering_LockBit_Ransomware
 
 
BRATARATmalware
BRATARATmalware
 
 
Babuk
Babuk
 
 
BackdoorDiplomacy
BackdoorDiplomacy
 
 
Bahamut_Group_recent_attacks
Bahamut_Group_recent_attacks
 
 
BankingTrojans
BankingTrojans
 
 
Batloader_malware
Batloader_malware
 
 
BazaFlix
BazaFlix
 
 
BazarBackdoor_malware_phishingcampaign
BazarBackdoor_malware_phishingcampaign
 
 
Belarusian_CyberPartisans
Belarusian_CyberPartisans
 
 
BhuntStealer
BhuntStealer
 
 
BiopassRAT
BiopassRAT
 
 
BitRAT malware
BitRAT malware
 
 
BitRAT_distributed_via_webhards
BitRAT_distributed_via_webhards
 
 
BitRAT_malware_disguised_as_office_Installer
BitRAT_malware_disguised_as_office_Installer
 
 
Bitter APT expands its target list
Bitter APT expands its target list
 
 
BizzaroTrojan
BizzaroTrojan
 
 
BlackByte_Ransomware's_Go_Based_Variants
BlackByte_Ransomware's_Go_Based_Variants
 
 
BlackByte_Ransomware
BlackByte_Ransomware
 
 
BlackCat_ALPHV_Ransomware_Indicators_of_Compromise
BlackCat_ALPHV_Ransomware_Indicators_of_Compromise
 
 
BlackCat_RansomwarE_Tehnical_Analysis
BlackCat_RansomwarE_Tehnical_Analysis
 
 
BlackCat_and_BlackMatter_ransomware_connection
BlackCat_and_BlackMatter_ransomware_connection
 
 
BlackCatransomware
BlackCatransomware
 
 
BlackCocaine
BlackCocaine
 
 
BlackGuard_New_infostealer_malware
BlackGuard_New_infostealer_malware
 
 
BlackKingdom
BlackKingdom
 
 
BlackMatter_Nov
BlackMatter_Nov
 
 
Black_Basta_Ransomware_leverage_QBot_for_lateral_movement
Black_Basta_Ransomware_leverage_QBot_for_lateral_movement
 
 
Black_Basta_Ransomware_targeting_ESXi_servers
Black_Basta_Ransomware_targeting_ESXi_servers
 
 
Black_Basta_ransomware_hijacks_Windows_fax_service
Black_Basta_ransomware_hijacks_Windows_fax_service
 
 
Blackcatransomware
Blackcatransomware
 
 
BlueNoroff
BlueNoroff
 
 
BotenaGo_newsamples
BotenaGo_newsamples
 
 
Brazilian_Trojan_targets_Portuguese_users
Brazilian_Trojan_targets_Portuguese_users
 
 
BuerLoaderIOCs
BuerLoaderIOCs
 
 
BuerLoader_STL
BuerLoader_STL
 
 
BumbleBee_Malware_Campaign
BumbleBee_Malware_Campaign
 
 
BumbleBee_Malware_getting_delivered_via_TransferXL_Urls
BumbleBee_Malware_getting_delivered_via_TransferXL_Urls
 
 
Bumblebee_Loader_on_the_rise
Bumblebee_Loader_on_the_rise
 
 
CABlessExploit
CABlessExploit
 
 
CAKETAP_Rootkit_deployed_by_UNC2891
CAKETAP_Rootkit_deployed_by_UNC2891
 
 
CISA_FiveHands
CISA_FiveHands
 
 
CISA_Malware_Analysis_Report_on_CaddyWiper
CISA_Malware_Analysis_Report_on_CaddyWiper
 
 
CISA_Malware_Analysis_Report_on_HermeticWiper
CISA_Malware_Analysis_Report_on_HermeticWiper
 
 
CISA_Malware_Analysis_Report_on_IsaacWiper_and _HermeticWizard
CISA_Malware_Analysis_Report_on_IsaacWiper_and _HermeticWizard
 
 
CONTI_and_EMOTET_Infrastructure
CONTI_and_EMOTET_Infrastructure
 
 
CONTI_and_EMOTET_Infrastructure
CONTI_and_EMOTET_Infrastructure
 
 
CVE_2022_1388_suspected_IP
CVE_2022_1388_suspected_IP
 
 
CVE_2022_30190_Microsoft_Support_Diagnostic_Tool_(MSDT)_RCE_Vulnerability
CVE_2022_30190_Microsoft_Support_Diagnostic_Tool_(MSDT)_RCE_Vulnerability
 
 
CaddyWiper_Malware
CaddyWiper_Malware
 
 

Repository files navigation

The repository provides threat hunting queries for various threats/attacks that can be leveraged directly within the Securonix Snypr platform. For every attack there are two files -

  1. SpotterQueries.txt - The file contains spotter queries that can be executed directly in Snypr to hunt for the respective threats.
  2. References.txt - The file contains references/links to sources from where the threat intelligence was collected.

About

Threat Hunting queries for various attacks

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published