https://github.com/danielplohmann/tars
The Threat Actor Rosetta Stone (TARS) is a public listing to keep track of who keeps calling which actor groups by which names.
https://github.com/danielplohmann/tars
Last synced: 5 months ago
JSON representation
The Threat Actor Rosetta Stone (TARS) is a public listing to keep track of who keeps calling which actor groups by which names.
- Host: GitHub
- URL: https://github.com/danielplohmann/tars
- Owner: danielplohmann
- License: gpl-3.0
- Created: 2018-11-07T16:30:18.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-03-07T15:28:33.000Z (over 7 years ago)
- Last Synced: 2025-06-21T23:32:41.482Z (about 1 year ago)
- Homepage:
- Size: 157 KB
- Stars: 10
- Watchers: 4
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# TARS
The Threat Actor Rosetta Stone (TARS) is a public listing to keep track of who keeps calling which actor groups (when) by which names.
Together with the [curated threat actor galaxy cluster of MISP](https://github.com/MISP/misp-galaxy/blob/master/clusters/threat-actor.json), it should become easily possible to translate names into one common scheme (e.g. all groups in FireEye APT/FIN-X or CrowdStrike animal park language).
That MISP inventory was also used to bootstrap TARS.
Apart from that, it's probably a cool addition to [APTnotes](https://github.com/aptnotes/data/blob/master/APTnotes.csv).
### Pull Requests Welcome!
Since it's super easy to edit text/csv files on github, feel free to add any (primary) threat actor names you spot in analysis reports, blogs, etc.
It's also perfectly cool to have multiple entries per group name and naming entity!
Completeness is key!
Just make sure the sorting is maintained. ;)