StrangerealIntel / EternalLiberty

186 stars 40 forks source link

EternalLiberty

Description

This repository contains all Threat Actor aliases used by different Threat Intelligence companies in their reports.

Objectives

This allows to find the Threats Actors that you want survey or search in getting the name used by different companies or for attribution of samples.

Search and threat actor profiles

Palo Alto
IBM X-Force
Malpedia
Kaspersky
MITRE
Crowdstrike
Mandiant
Secureworks
Dragos
Thales
Venafi
APTMAP
Thai CERT
CERT-UA
Microsoft

Naming scheme

Secureworks

Cybercrime -> Gold X
China -> Bronze X
India -> Zinc X
Iran -> Cobalt X
North Korea -> Nickel X
Pakistan -> Copper X
Palestine -> Aluminum X
Russia -> Iron X
South Korea -> Tungsten X
United States -> Platinum X
Vietnam -> Tin X
Emerging Threats -> MoonX ? (MOONSCAPE - TA445 - UAC-0051 - UNC1151)

PWC

North Korea-based (Black)
Russia-based (Blue)
China-based (Red)
Iran-based (Yellow)
India-based (Orange)
Five Eyes-based (Magenta)
Nigeria-based (Bronze)
Location agnostic or based out of multiple countries (Grey)
Cybercrime group (White)

Microsoft

image Credits: Microsoft