Joint report on publicly available hacking tools

The National Cyber Security Centre has worked with cyber security authorities in Australia, Canada, the United Kingdom and the United States to produce a report which highlights five publicly available tools which have been used for malicious purposes in recent cyber incidents around the world.

The tools detailed in the report fall into five different categories: Remote Access Trojans, Web Shells, Credential Stealers, Lateral Movement Frameworks, and Command and Control (C2) Obfuscators.

Specific tools discussed are:

  • Remote access trojans: JBiFrost
  • Web Shells: China Chopper
  • Credential stealer: Mimikatz
  • Lateral movement frameworks: PowerShell Empire
  • C2 obfuscation and exfil: HTran

The report provides network defenders and systems administrators with advice about limiting the effectiveness of these tools and detecting their use on a network.

GSA-2018-133 - Joint report on publicly available hacking tools