- It is amazing that members of the community want to lend their support to this project and help build up the Ransomware Tool Matrix.
- Please follow the guidelines below if you wish to contribute.
- Typos will not be merged.
Important
To contribute to this repository, researchers must follow the How to Contribute guide; otherwise, pull requests will be closed without being merged.
- The point of the Ransomware Tool Matrix is to highlight to defenders the dangers of these legitimate binaries.
- There is a caveat with the OffSec section - these are legitimate pentesting tools developed by ethical hackers.
- Please do not submit custom-coded malware families, such as DarkGate or Redline, to the Ransomware Tool Matrix.
- A good rule of thumb is that the tool you submit should be available to anyone.
- The tool should be simple to find and download, or available to buy with a license.
- The Ransomware Tool Matrix is based on open source intelligence (OSINT) threat reports provided by a variety of sources, such as CISA's #StopRansomware alerts or The DFIR Report's publications, among others.
- Please do not submit tools to this repository if there are no public sources to confirm your research - it is important that others can independently verify your claims.
- The quality of the evidence provided shall be judged during a review of the pull request - it may be closed if the evidence is insufficient to support your commit.
- Please add your evidence to the following Markdown file in this repository: ExtraThreatIntel
- Via the Community Report Template, individuals can now share what tools they have seen various ransomware groups/affiliates/IABs use.
- The Community Report Template is for individuals who would like to contribute their observations but do not have public links they can cite (such as a formal blog post).
- Please add your observations to the following Community Report Folder using the Community Report Template.
Important
Community Reports will vary depending on the reliability and credibility of the submitter. Information from these reports should be investigated more carefully before deciding to consume it.