{"id":30739936,"url":"https://github.com/eremit4/Akamaru","last_synced_at":"2025-09-03T23:03:59.734Z","repository":{"id":176102030,"uuid":"474683818","full_name":"eremit4/Akamaru","owner":"eremit4","description":"Sniffing out well-known threat groups","archived":false,"fork":false,"pushed_at":"2024-08-13T20:02:24.000Z","size":547,"stargazers_count":28,"open_issues_count":0,"forks_count":1,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-08-13T23:12:44.450Z","etag":null,"topics":["apt-groups","cti","hunting","mitre-attack","mitre-attack-db","python","ransomlook","ransomware-resources","sentinelone","threat-hunting","threat-intelligence","threathunting","threatintel"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eremit4.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-27T15:48:28.000Z","updated_at":"2024-08-13T20:02:28.000Z","dependencies_parsed_at":"2023-12-14T20:46:45.661Z","dependency_job_id":"6a82594e-a4d7-4520-acef-2aee88640072","html_url":"https://github.com/eremit4/Akamaru","commit_stats":null,"previous_names":["eremit4/akamaru"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/eremit4/Akamaru","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eremit4%2FAkamaru","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eremit4%2FAkamaru/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eremit4%2FAkamaru/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eremit4%2FAkamaru/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eremit4","download_url":"https://codeload.github.com/eremit4/Akamaru/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eremit4%2FAkamaru/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273523664,"owners_count":25120864,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-03T02:00:09.631Z","response_time":76,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apt-groups","cti","hunting","mitre-attack","mitre-attack-db","python","ransomlook","ransomware-resources","sentinelone","threat-hunting","threat-intelligence","threathunting","threatintel"],"created_at":"2025-09-03T23:02:06.861Z","updated_at":"2025-09-03T23:03:59.679Z","avatar_url":"https://github.com/eremit4.png","language":"Python","funding_links":[],"categories":["python"],"sub_categories":[],"readme":"# Akamaru\n\u003eIn the day-to-day life of a CTI or Threat Hunting team, one of the main tasks is trying to answer the questions: who are my enemies? what are the threat groups that affect my industry?\nDoing this mapping can take an analyst many hours, even weeks. Considering the Threat Intelligence Lifecycle, Akamaru aims to automate the initial phase of Collect by collecting the threat groups and some relevant TTPs from [MITRE](https://attack.mitre.org/groups/), [Ransomware Anthology](https://www.sentinelone.com/anthology/) (SentinelOne), and [Ransomlook](https://www.ransomlook.io/recent), just informing the name of the sector of interest (e.g. financial, education, defense) or the name of the group (e.g. Akira, Lockbit) in order to get more information about it.\n\n![](./utils/akamaru_logo.png)\n\n## 🐾 Setup\n\nCloning the project:\n```bash\ngit clone https://github.com/eremit4/Akamaru.git\n```\nOptional - Creating a virtualenv before installing the dependencies\n\u003e Note: The use of virtual environments is optional, but recommended. In this way, we avoid possible conflicts in different versions of the project's dependencies.\n\u003e Learn how to install and use virtualenv according to your OS [here](https://virtualenv.pypa.io/en/latest/)\n\nInstalling the dependencies:\n```bash\npip install -r requirements.txt\n```\n\n## 🐶 Running\n\nDiscovering the project capabilities:\n```bash\npython akamaru.py --help\n```\n\nDiscovering which sectors are supported:\n```bash\npython akamaru.py -ss\n```\n\nFinding only the groups relevant to a given sector:\n```bash\npython akamaru.py --sector \u003cname\u003e\n```\n\nFinding the relevant groups for a given sector, their TTPs, and returning everything in a CSV file:\n```bash\npython akamaru.py --sector \u003cname\u003e --ttp --output\n```\n\nLooking for information about a particular group:\n```bash\npython akamaru.py --group \u003cname\u003e\n```\n\nLooking for ransomware activities:\n```bash\npython akamaru.py --ransomware-activities\n```\n\n## 🐕 Demo\n[![asciicast](https://asciinema.org/a/591986.svg)](https://asciinema.org/a/591986)\n\n## 📝 License\nThis project is under the [MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feremit4%2FAkamaru","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feremit4%2FAkamaru","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feremit4%2FAkamaru/lists"}