Blue Team Training Toolkit (BT3) is software for defensive security training. By creating a free BT3 subscription account, you get access to our training content library. From here, you can download both free and premium training content ready for use with the Blue Team Training Toolkit.
The training content library includes realistic network traffic related to a wide range of attacks, mock malware samples with hash collisions, as well as malware indicator profiles. Get the training content you need right at your fingertips!
The Blue Team Training Content Library has now been updated with several new PCAP files and malware indicator profiles.
Malware Indicator Profiles – New Additions
The following malware indicator profiles have been added to the training library in October:
- anel
Produces network indicators related to the ANEL APT backdoor, which was used in the ChessMaster campaign against government agencies in Japan.
- anunak
Produces network indicators related to the Anunak APT malware, which is associated with criminal gangs of the Carbanak/FIN7 syndicate.
- chches
Produces network indicators related to the ChChes APT backdoor, which was used in the ChessMaster campaign.
- htprat
Produces network indicators related to htpRAT checking in to a command-and-control (C2) server.
- ratankbapos
Produces network indicators related to a RatankbaPOS trojan requesting and downloading an update from a C2 server. The profile downloads a BT3 mockfile as an executable file, simulating the update requested by the malware.
PCAP Files – New Additions
The following PCAP files have been added to the training library in October:
- gandcrab_ransom
Contains network traffic related to a Gandcrab ransomware infection.
- gandcrab_ransom_v4
Contains network traffic related to a Gandcrab ransomware version 4 infection.
- trojan_dridex
Contains network traffic related to a Dridex banking trojan infection.