The cti-lexicon from bushidouk

👋 Intro:

Open sources tools for CTI - Collection of resources for OSINT analysis
Exploring APT campaigns - VirusTotal Graphs and Maltego Diagrams
2x Insider Threat-themed CTFs - OSINT challenges
Malware Zoo- Hashes of famous malware
Open Source Malware- Links to OSTs on GitHub
OSINT Search Operators- Shodan Queries and Google Dorks
CTI Lexicon- Acronyms and Technical Jargon
CTI Quiz - 4 Topics of Multiple Practice Questions
Abuse Legitimate Services - List of services used for malware and phishing
Android Banking Trojan Nexus - Centralised list of Android banking malware families
Breach Report Collection - Collection of breach reports for case studies
Cybercrime Police Raids - Collection of raids on cybercriminals by police for case studies
UK Critical Infrastructure - Collection of case reports of attacks on UK CNI for case studies
OPSEC 101 - A guide to better security for non-technical family, friends, and colleagues
YARA Rules - Repo of my various YARA Rules that can be used for Threat Research
Python Projects - Repo of my various Python Scripts that can be used for CTI

EternalLiberty - APT moniker database
Curated Intel: Log4Shell IOCs - Vetted IOCs and analysis of threats leveraging Log4Shell
Curated Intel: Ukraine Cyber Operations - Threat Intelligence to assist Ukrainian organisations
Curated Intel: CTI Fundamentals - A collection of essential resources related to CTI theory
Curated Intel: MOVEit Transfer Campaign Tracking - Tracking events related to the MOVEit campaign
Curated Intel: Threat Actor Profile Guide - A guide for CTI analysts

Conference	Talk Title	Recording URL	Slides
Undisclosed	Introduction to CTI Research	n/a	here
Undisclosed	Practical Adversary Intelligence	n/a	here
Undisclosed	History of the Russian Intelligence Services and Hacking Campaigns	n/a	here
conINT 2020	Using Cyber Threat Intelligence to Defend against Ransomware	YouTube	here
BeerCon2	Gone Phishin' / Attack of the phish (something something phishing)	YouTube	here
TMHC IsolationCon2	Exploiting the Supply-Chain for Fun and Espionage	Website	here
DEFCON29	Blue Team Village Panel: Threat Report Roulette	YouTube	n/a
BeerCon3	Hacking-As-A-Service: Becoming An APT Is Easier Than Ever!	Website	here
NFCERT Annual Conference	Lessons from the Conti Leaks	n/a	here
BeerCon4	Practical Vulnerability Intelligence	YouTube	here
BSides Cheltenham 2023	They Can't Keep Getting Away With It: Analysis of ScatteredSpider/0ktapus campaigns	YouTube	here
BSides Basingstoke 2023	CL0P Likes To MOVEit MOVEit	YouTube	here
HexCon23	The Dynamic Duo: When Russian and Western Cybercriminals Combine	n/a	here
SANS CyberThreat23	Practical Cybercrime Intelligence	n/a	here

Podcast	Topic(s)	URL
Risky Biz News	Critical vulnerability (CVE-2022-1388) in F5 BIG-IP (from 8m 20s)	risky.biz
Technical Outcast	Curated Intelligence on the Conti Playbook leaks (from 30m 30s)	spotify.com
Darknet Diaries #126	REvil Ransomware	darknetdiaries.com
Click Here by Recorded Future News	Breach Forums Takedown	twitter.com/ClickHereShow
MyOSINT Training	Part of the "Careers Using OSINT Skills" series	YouTube
Infosecurity Magazine	Inside the MOVEit Attack: Decrypting Clop's TTPs and Empowering Cybersecurity Practitioners (from 16m 21s)	infosecurity-magazine.com
Intel471 Cybercrime Exposed	The Extortionists	intel471.com
SANS Wait Just An Infosec	In Hot Pursuit: Tracking Ransomware Actors (from 13m 00s)	linkedin.com
SANS Threat Analysis Rundown (STAR)	Disccusing Threats from Week 43 of 2023	linkedin.com
SANS Wait Just An Infosec	Ransomware Kingpins LockBit Disrupted	YouTube