APTnotes is a repository of publicly-available papers and blogs (sorted by year) related to malicious campaigns/activity/software that have been associated with vendor-defined APT (Advanced Persistent Threat) groups and/or tool-sets.
In the original repo, we maintained an ongoing README with links to all of the reports in some form of (we tried) order. We also stored all of the reports in year-named folders within the repo itself (we ran out of room).
To solve the storage problem, we have moved everything over to Box (thanks Box!). In order to maintain chronological order (and our sanity) we have migrated to CSV and JSON summary file(s).
Use one of the scripts within this repo: https://github.com/aptnotes/tools
APTnotes.csv -- This is a CSV summary file used to keep track of all the data
Filename | Title | Source | Link | SHA-1 | Date | Year |
---|---|---|---|---|---|---|
Name of the file | Title of the report | Vendor | Box Link to the report | SHA-1 of report | Date of report release | Year of release |
APTnotes.json -- This is a converted version of the CSV format
Example
[{"sha1": "3e6399a4b608bbd99dd81bd2be4cd49731362b5e", "Title": "How China Will Use Cyber Warfare", "Filename": "Fritz_HOW-CHINA-WILL-USE-CYBER-WARFARE(Oct-01-08)", "Source": "Jason Fritz", "Link": "https://app.box.com/s/696xnzy1an3jbm3b212y5n8xieirbemd", "Year": "2008", "Date": "10/1/08"},
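An added example, not code from the APTnotes project or its tools: it parses APTnotes.json records using the field names shown above, normalizes the date, and checks a downloaded report against the recorded SHA-1. The function names and the `%m/%d/%y` date format (inferred from the single sample record) are assumptions.

```python
import hashlib
import hmac
import json
import re
from datetime import datetime

# The one record shown in the README, closed into valid JSON for this example.
SAMPLE_INDEX = """[{"sha1": "3e6399a4b608bbd99dd81bd2be4cd49731362b5e",
 "Title": "How China Will Use Cyber Warfare",
 "Filename": "Fritz_HOW-CHINA-WILL-USE-CYBER-WARFARE(Oct-01-08)",
 "Source": "Jason Fritz",
 "Link": "https://app.box.com/s/696xnzy1an3jbm3b212y5n8xieirbemd",
 "Year": "2008", "Date": "10/1/08"}]"""

REQUIRED = ("Filename", "Title", "Source", "Link", "sha1", "Date", "Year")
SHA1_RE = re.compile(r"[0-9a-f]{40}")


def load_index(text):
    """Parse APTnotes.json text; raise ValueError on any malformed record."""
    records = []
    for i, rec in enumerate(json.loads(text)):
        missing = [k for k in REQUIRED if k not in rec]
        if missing:
            raise ValueError(f"record {i}: missing fields {missing}")
        sha1 = rec["sha1"].strip().lower()
        if not SHA1_RE.fullmatch(sha1):
            raise ValueError(f"record {i}: sha1 is not 40 hex characters")
        # Assumed format month/day/two-digit-year, inferred from the sample.
        date = datetime.strptime(rec["Date"], "%m/%d/%y").date()
        if str(date.year) != rec["Year"]:
            raise ValueError(f"record {i}: Date and Year disagree")
        records.append({**rec, "sha1": sha1, "iso_date": date.isoformat()})
    return records


def verify_report(record, data):
    """Return True only if the downloaded bytes match the indexed SHA-1.

    This catches truncated, corrupted or replaced downloads. It is not a
    signature: the hash is only as trustworthy as the index it came from.
    """
    digest = hashlib.sha1(data).hexdigest()
    return hmac.compare_digest(digest, record["sha1"])


if __name__ == "__main__":
    for r in load_index(SAMPLE_INDEX):
        print(r["iso_date"], r["sha1"], r["Filename"])
```

Pass the raw bytes of a downloaded report to `verify_report` together with its index record before opening or archiving the file.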
There are multiple ways to get a report added:
new report by vendor on this group - link #aptnotes
Like almost every open-source project, this is a labor of love. There are so many reports out there, and they either get lost in the mix or taken down before you get a chance to read them. This is our effort to:
At present (that we know of...) these current projects consume this repo and make magical things happen:
This project would not be where it is without the people who have helped along the way. Thank you, contributors!