
Threat Hunting

Threat hunting is a proactive approach to cybersecurity in which analysts actively search an organization's network for potential threats and vulnerabilities. It offers several benefits. First, it lets security teams detect and remediate threats before they damage the network or compromise sensitive data, which is essential against advanced persistent threats (APTs) that can otherwise go unnoticed for extended periods. Second, it helps security teams identify gaps and weaknesses in their security infrastructure so they can put more effective controls in place. Third, it yields insight into the tactics, techniques, and procedures (TTPs) attackers use, which informs better countermeasures. Together, these benefits strengthen an organization's overall security posture by finding and mitigating threats before they cause harm.


Threat hunting presentations and videos.

https://www.youtube.com/watch?v=Wuy_Pm3KaV8
https://www.rsaconference.com/writable/presentations/file_upload/hta-t07r-license-to-kill-malware-hunting-with-the-sysinternals-tools_final.pdf
https://blogs.technet.microsoft.com/clinth/2016/09/07/automating-the-sysinternals-hunting-malware-technique/
https://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302
http://video.ch9.ms/sessions/teched/na/2014/DCIM-B368.pptx
http://techgenix.com/hunt-down-kill-malware-sysinternals-tools-part1/
http://techgenix.com/Hunt-Down-Kill-Malware-Sysinternals-Tools-Part2/
http://techgenix.com/Hunt-Down-Kill-Malware-Sysinternals-Tools-Part3/
http://www.itninja.com/blog/view/malware-hunting-with-sysinternals-tools
https://www.youtube.com/@VirusTotal_community/videos