Publicly Available Tools Seen in Cyber Incidents Worldwide

This joint advisory from five national cyber authorities details five widely available tools exploited in real incidents—JBiFrost (RAT), China Chopper (webshell), Mimikatz (credential dumper), PowerShell Empire (post-exploitation framework), and HTran (C2/proxy)—describing their capabilities, observed use against critical sectors, detection indicators (hashes, distinctive error strings, network behaviors), and prioritized mitigations for defenders.