Malware families

BEACON: A backdoor that is commercially available as part of the Cobalt Strike software platform and commonly used for pen-testing network environments. The malware supports several capabilities, such as injecting and executing
arbitrary code, uploading and downloading files, and executing shell commands.

EMPIRE: A publicly available PowerShell post-exploitation framework that allows users to run PowerShell agents without the use of powershell.exe. PowerShell Empire also allows actors to run various types of post-exploitation
modules and make adaptable communications while evading detection.

MAZE: A ransomware family that encrypts files stored locally and on network shares. MAZE can be configured to infect remote and removable drives as well as send basic system information via HTTP.

NETWALKER: A ransomware family capable of deleting volume shadow copies and encrypting files on a victim host and any mapped network drives using a combination of SALSA20 and Curve25519 encryption algorithms.

METASPLOIT: A penetration testing platform that enables users to find, exploit, and validate vulnerabilities.