1. 11

If you missed it, FireEye suffered a breach and as a result certain threat actors gained access to their red team tools. As a result of the breach, FireEye released a set of countermeasures to detect if their collected tools were being used.

BishopFox does a pretty good job breaking down what the tools were and what not. Most of what adversaries use are open source, esp for things like living off the land.