Does this skill require direct access to the Dark Web?

While the skill supports Tor-isolated research patterns, it primarily leverages structured public feeds like Ransomwatch to ensure safe and efficient intelligence gathering without direct DLS interaction.

What ransomware groups can this skill track?

It can track any group indexed by major DLS monitoring services, including active families like Qilin, Akira, LockBit, and BlackCat.

Does this require special Python libraries?

Yes, it utilizes Python 3.9+ along with requests, beautifulsoup4, and pandas for data processing and analysis.

Can I use this for real-time alerting?

Yes, by integrating the collection workflows into automated scripts, you can monitor for new organization or sector-specific mentions on a daily basis.

Ransomware Leak Site Intelligence

Name: Ransomware Leak Site Intelligence
Author: micsapp

bymicsapp

0•

보안 및 테스팅

Monitors and analyzes ransomware data leak sites to track victim postings and extract actionable threat intelligence.

This skill empowers security analysts to systematically monitor ransomware Data Leak Sites (DLS) using Tor-ready patterns and public feeds like Ransomwatch. It provides automated workflows for extracting structured data on victim organizations, identifying emerging threat groups, and conducting sector-specific risk assessments. By tracking double-extortion patterns and group activity trends, users can proactively adjust their defense strategies and build informed detection rules based on the real-world ransomware landscape.

주요 기능

01Generation of comprehensive executive threat intelligence reports

020 GitHub stars

03Automated ingestion of ransomware victim data from public monitoring feeds

04Sector-specific and geographic risk assessment scoring

05Identification and tracking of newly emerged or rebranded ransomware groups

06Analysis of group activity trends and operational tempo

사용 사례

01Tracking the evolution and victimology of specific ransomware families like LockBit or Akira

02Conducting sector-specific ransomware risk assessments for proactive defense

03Monitoring for organization or supply chain mentions on leak sites

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills analyzing-ransomware-leak-site-intelligence

For use in Claude.ai and ChatGPT

주요 기능

01Generation of comprehensive executive threat intelligence reports

020 GitHub stars

03Automated ingestion of ransomware victim data from public monitoring feeds

04Sector-specific and geographic risk assessment scoring

05Identification and tracking of newly emerged or rebranded ransomware groups

06Analysis of group activity trends and operational tempo

사용 사례

01Tracking the evolution and victimology of specific ransomware families like LockBit or Akira

02Conducting sector-specific ransomware risk assessments for proactive defense

03Monitoring for organization or supply chain mentions on leak sites

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills analyzing-ransomware-leak-site-intelligence

For use in Claude.ai and ChatGPT