The Ransomware Tool Matrix

Introduction

Ransomware attacks are becoming increasingly devastating, but one constant remains: the tools used by cybercriminals. The Ransomware Tool Matrix is a comprehensive resource that highlights the tactics, techniques, and procedures (TTPs) frequently employed by ransomware and extortionist groups.

This repository equips defenders with actionable intelligence on the tools commonly utilized by adversaries, drawing insights from publicly shared resources such as the #StopRansomware advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) and The DFIR Report’s publications, among others.

By compiling open-source intelligence (OSINT), this resource provides clear and practical insights that can be directly applied to threat hunting, detection engineering, and incident response efforts.

Project Background

As defenders, we can turn the tables by exploiting a crucial flaw in how ransomware gangs operate: tool reuse. Many ransomware gangs repeatedly rely on the same set of utilities and scripts, creating opportunities for defenders to pre-emptively identify, block, or mitigate these threats before they escalate further. The Ransomware Tool Matrix is designed to be an evolving resource, regularly updated with the latest threat intelligence as new information on ransomware TTPs becomes available.

Whether you’re hunting for threats within your environment, investigating incidents, or trying to identify behavioural patterns among ransomware affiliates, this matrix serves as a valuable reference. With categorized lists covering everything from Remote Management and Monitoring (RMM) tools to exfiltration and defense evasion utilities, this project provides defenders with the insights needed to disrupt adversarial operations.

Explore detailed breakdowns of the most-used tools by top ransomware groups, dive into threat intelligence sources, and become informed with content like the Conti Playbook and Bassterlord Networking Manual. If you’re serious about proactive defense against ransomware, the Ransomware Tool Matrix is an indispensable tool in your arsenal.