Blue Team Training Toolkit (BT3) is designed for network analysis training sessions, incident response drills and red team engagements. Based on adversary replication techniques, and with reusability in mind, Blue Team Training Toolkit allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk.
Malware Indicator Profile
This training material produces network indicators related to a Datper APT backdoor, which was used by the Tick threat actor against Japan and South Korea.
Training Material Preview
This is what you can expect when using this training material during a training session or red team engagement.
- IDS Alerts
This section illustrates the IDS alerts produced by Snort with the Emerging Threats Open Ruleset and the Snort Community Ruleset. The alerts were triggered during a malware simulation with the Blue Team Training Toolkit. Please note that future ruleset updates may produce a different result.
- Indicators of Compromise
This section highlights the indicators of compromise generated by the training material.
The malware indicator profile has a size of 0.003 MB.
The training material has been based on threat intelligence provided by this source.
Download Premium Training Materials with Content Credits
Premium training content can be downloaded by using pre-paid content credits directly from the BT3 API command line interface. By purchasing content credits, you get the most out of your cyber security training sessions, incident response drills and red team engagements.