https://github.com/andreacristaldi/APTmap
Graphical map of known Advanced Persistent Threats
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/andreacristaldi/APTmap
- Owner: andreacristaldi
- Created: 2020-07-27T06:06:36.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-10-16T17:26:26.000Z (about 2 years ago)
- Last Synced: 2024-10-09T10:03:11.672Z (about 1 year ago)
- Language: HTML
- Homepage: https://andreacristaldi.github.io/APTmap/
- Size: 23.1 MB
- Stars: 41
- Watchers: 4
- Forks: 13
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-lists - APTMAP
README
# APTmap
Graphical map of known Advanced Persistent Threats v2.2
https://andreacristaldi.github.io/APTmap/


An Advanced Persistent Threat (APT) is a stealthy computer network threat actor (a nation state, a state-sponsored group or a non-state-sponsored group conducting large-scale targeted intrusions for specific goals) that gains unauthorized access to a computer network and remains undetected for an extended period.
Attribution is a very complex issue. This map is based on data from different sources (vendors, studies, reports, ...) and it is not a reliable source. The majority of the mappings rely on the findings of a single incident analysis. Groups often change their toolsets or exchange them with other groups, which makes attribution of certain operations extremely difficult. Information published here may be wrong, outdated, or may change as new information emerges.
Primary sources: MISP, MITRE, ETDA, VX-Underground
APTMalware - Advanced Persistent Threat MALWARE features and statistics

The data reported here are the result of static analysis performed on 29 GB of malware samples attributed to APT groups, followed by a correlation process. The sample set is limited to PE (Portable Executable) files. The data are available in JSON format in the GitHub repository.
Sample source: VX-Underground
Author
Project: Andrea Cristaldi Linkedin, Cybersec4
Data
The data is stored in JSON format and will be updated periodically.
License
Shield: [![CC BY 4.0][cc-by-shield]][cc-by]
This work is licensed under a
[Creative Commons Attribution 4.0 International License][cc-by].
[![CC BY 4.0][cc-by-image]][cc-by]
[cc-by]: http://creativecommons.org/licenses/by/4.0/
[cc-by-image]: https://i.creativecommons.org/l/by/4.0/88x31.png
[cc-by-shield]: https://img.shields.io/badge/License-CC%20BY%204.0-lightgrey.svg