
Blue Team Training Toolkit (BT3) is designed for network analysis training sessions, incident response drills and red team engagements. Based on adversary replication techniques, and with reusability in mind, Blue Team Training Toolkit allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk.


This training material contains network traffic related to a Nheqminer cryptocurrency miner associated with a Shade ransomware infection.

Training Material Preview

Below you can find a few relevant screenshots from the content included in this training material. This is what you can expect when using this training material during a training session or red team engagement.

  • IDS Alerts
    This section illustrates the IDS alerts produced by Snort with the Emerging Threats Open Ruleset and the Snort Community Ruleset. The alerts were triggered during a network traffic replay with the Blue Team Training Toolkit. Please note that future ruleset updates may produce a different result.

  • Network Traffic
    This section highlights relevant network traffic contained in the training material.

  • Size
    The PCAP file contains 3.685 MB of network traffic.
  • Reference
    The training material has been based on threat intelligence provided by this source.

Download Premium Training Materials with Content Credits

Premium training content can be downloaded by using pre-paid content credits directly from the BT3 API command line interface. By purchasing content credits, you get the most out of your cyber security training sessions, incident response drills and red team engagements.