Should this be used for technical penetration testing?

No, this is a discussion-based exercise tool designed to test procedures, communication, and decision-making rather than technical exploit capabilities.

Is it compliant with industry standards?

The skill aligns with the NIST Cybersecurity Framework (CSF) Respond/Recover functions and CISA's Tabletop Exercise Packages (CTEPs).

Can this skill simulate specific ransomware groups?

Yes, it includes scenarios and tactics (TTPs) for prominent actors like LockBit, ALPHV/BlackCat, and Cl0p to ensure realistic testing.

Does it provide evaluation templates?

Yes, the skill generates scoring matrices and After-Action Report (AAR) templates to document findings, gaps, and remediation steps.

Ransomware Tabletop Exercise Facilitator

Name: Ransomware Tabletop Exercise Facilitator
Author: micsapp

bymicsapp

0•

安全与测试

Plans and facilitates realistic ransomware tabletop exercises to test organizational incident response readiness and decision-making procedures.

This skill provides a comprehensive framework for conducting ransomware tabletop exercises (TTX), enabling security teams to simulate high-pressure scenarios involving double extortion and data leaks. It automates the design of realistic attack timelines based on modern threat actors like LockBit and Cl0p, generates structured injects to challenge decision-makers, and provides evaluation templates aligned with NIST CSF and CISA guidelines to identify gaps in recovery playbooks, legal notifications, and communication strategies.

主要功能

01Generates multi-phase ransomware scenarios based on real-world threat actor TTPs

02Provides structured injects for double extortion, regulatory deadlines, and data leaks

03Aligns organizational responses with NIST CSF and CISA ransomware readiness standards

04Facilitates decision-making evaluations for ransom payments and public disclosure

050 GitHub stars

06Produces standardized After-Action Reports (AAR) with gap analysis and remediation plans

使用场景

01Training cross-functional teams including IT, Legal, PR, and Operations on their roles during a cyber crisis

02Conducting annual incident response drills to meet cyber insurance and regulatory requirements

03Validating executive decision-making frameworks regarding ransom payments and legal notifications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills performing-ransomware-tabletop-exercise

For use in Claude.ai and ChatGPT

主要功能

01Generates multi-phase ransomware scenarios based on real-world threat actor TTPs

02Provides structured injects for double extortion, regulatory deadlines, and data leaks

03Aligns organizational responses with NIST CSF and CISA ransomware readiness standards

04Facilitates decision-making evaluations for ransom payments and public disclosure

050 GitHub stars

06Produces standardized After-Action Reports (AAR) with gap analysis and remediation plans

使用场景

01Training cross-functional teams including IT, Legal, PR, and Operations on their roles during a cyber crisis

02Conducting annual incident response drills to meet cyber insurance and regulatory requirements

03Validating executive decision-making frameworks regarding ransom payments and legal notifications