ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
https://github.com/mthcht/ThreatHunting-Keywords
Last synced: 8 days ago
JSON representation
-
Files
-
Targeted Threat Hunting Methodology Example
-
For the redteam:
-
-
Example use cases with `threathunting-keywords`:
-
Other awesome lists for detection
- Browsers extensions Searches
- here
- C2 hiding in plain sigh
- Guides
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- suspicious_named_pipe_list.csv
- [suspicious_TLDs
- [suspicious ASNs
- suspicious_windows_services_names_list.csv
- suspicious_windows_tasks_list.csv
- suspicious_ports_list.csv
- suspicious_windows_firewall_rules_list.csv
- User-Agents Searches
- DNS Over HTTPS Searches
- suspicious_http_user_agents_list.csv
- suspicious_usb_ids_list.csv
- Suspicious TLDs Searches
- suspicious_mac_address_list.csv
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- suspicious_hostnames_list.csv
- executables_metadata_informations_list.csv
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- dns_over_https_servers_list.csv
- hijacklibs_list.csv
- Time Slipping detection
- loldrivers_only_hashes_list.csv
- malicious_bootloaders_only_hashes_list.csv
- ssl_certificates_malicious_list.csv
- [permissions
- ransomware_extensions_list.csv
- ransomware_notes_list.csv
- windows_asr_rules.csv
- nordvpn_ips_list.csv
- protonvpn_ip_list.csv
- Default Lists + script
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- intelligence gathering sheet
- intelligence gathering sheet
- intelligence gathering sheet
- intelligence gathering sheet
- intelligence gathering sheet
- intelligence gathering sheet
- intelligence gathering sheet
-
-
DFIR Hunt for keywords in files (No SIEM)
-
Other awesome lists for detection
-
-
What is Threat Hunting ?
-
Bridging Threat Hunting With Core Services
-
Threat Hunting Lifecycle in SOC Operations
- image
- image
- image
- image
- image
- image
- image
- image
- image
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
- SOC_Process_Threat_Hunting_to_detection
-
Detection Maturity Level
-
Threat Hunting Checklist - Key Focus Areas for Intelligence Gathering
-
Targeted Threat Hunting Methodology Example
-
MITRE ATT&CK technique mapping
-
YARA Rules
- Capture d'écran 2024-08-24 121019
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
-
Tools matrix
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
- image
-
Programming Languages
Categories
Sub Categories
Other awesome lists for detection
719
YARA Rules
239
Tools matrix
203
Targeted Threat Hunting Methodology Example
46
Threat Hunting Lifecycle in SOC Operations
45
Bridging Threat Hunting With Core Services
45
Detection Maturity Level
45
Threat Hunting Checklist - Key Focus Areas for Intelligence Gathering
2
For the redteam:
1