
ditekshen/back-in-2017


back-in-2017

The Kill Chain Evolution of a Middle Eastern Threat Actor - Intelligence from Seventeen Months of Deception and Analysis of Politically Targeted Malware Attacks

In 2017, when I was still learning my way, I tracked and deceived a threat actor for 17 months, until my cover was eventually blown. At the time, coinciding with several geopolitical crises, my evaluation of the potential consequences of publishing the report had higher risk than I, or the people around me, would tolerate. The report was never published.

While this was personal work, I tried to implement enterprise-quality incident response, analysis, forensics, and documentation. Some of the authored detection was added to https://github.com/ditekshen/detection.

This is an anonymized and unedited - since then - version of that report. The data in the report may still be valuable and relevant from a holistic attack progression point of view.
