https://github.com/ditekshen/back-in-2017

The Kill Chain Evolution of a Middle Eastern Threat Actor Intelligence from Seventeen Months of Deception and Analysis of Politically Targeted Malware Attacks
android attack clamav deception houdini kill-chain malware memory-forensics meterpreter middle-east mitre-attack political python scoute-elite sigma threat-actors threat-intelligence yara


README

# back-in-2017
### The Kill Chain Evolution of a Middle Eastern Threat Actor - Intelligence from Seventeen Months of Deception and Analysis of Politically Targeted Malware Attacks

In 2017, when I was still learning my way, I tracked and deceived a threat actor for 17 months, until my cover was eventually blown. At the time, coinciding with several geopolitical crises, my evaluation was that the potential consequences of publishing the report carried higher risk than I, or the people around me, would tolerate. The report was never published.

While this was personal work, I tried to implement enterprise-quality incident response, analysis, forensics, and documentation. Some of the detection content I authored was added to https://github.com/ditekshen/detection.

This is an anonymized and, since then, unedited version of that report. The data in the report may still be valuable and relevant from a holistic attack progression point of view.