Blue Team Training Toolkit (BT3) is designed for network analysis training sessions, incident response drills and red team engagements. Based on adversary replication techniques, and with reusability in mind, Blue Team Training Toolkit allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk.

Malware Indicator Profile

This training material produces the network indicators of a CHOPSTICK v2 backdoor starting its C2 communications. The backdoor is used by APT28, a Russian threat actor.

Training Material Preview

This is what you can expect when using this training material during a training session or red team engagement.

  • IDS Alerts
    This section illustrates the IDS alerts produced by Snort with the Emerging Threats Open Ruleset and the Snort Community Ruleset. The alerts were triggered during a malware simulation with the Blue Team Training Toolkit. Please note that future ruleset updates may produce a different result.

  • Indicators of Compromise
    This section highlights the indicators of compromise generated by the training material.

  • Size
    The malware indicator profile has a size of 0.003 MB.

  • Reference
    The training material is based on threat intelligence provided by this source.

Download Premium Training Materials with Content Credits

Premium training content can be downloaded by using pre-paid content credits directly from the BT3 API command line interface. By purchasing content credits, you get the most out of your cyber security training