2025-06-23 | Rushter | Artem Golubin
Threat Hunting Introduction: Cobalt Strike
Cobalt Strike
2025-06-23 | Darkatlas | Darkatlas Squad
Bluenoroff (APT38) Live Infrastructure Hunting
2025-06-19 | Hunt.io | Hunt.io
Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
Cobalt Strike
2025-06-18 | Huntress Labs | Alden Schmidt, Jonathan Semon, Stuart Ashenbrenner
Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion
2025-06-12 | Symantec | Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog
2025-06-05 | Hunt.io | Hunt.io
Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
AsyncRAT XWorm
2025-05-09 | Lumen | Chris Formosa, Ryan English
Classic Rock: Hunting a Botnet that preys on the Old
2025-05-09 | Lumen | Black Lotus Labs
Classic Rock: Hunting a Botnet that preys on the Old
2025-05-05 | Hunt.io | Hunt.io
APT36-Style ClickFix Attack Spoofs Indian Ministry to Target Windows & Linux
2025-04-29 | Recorded Future | Insikt Group
Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting
FAKEUPDATES MintsLoader GhostWeaver Stealc TAG-124
2025-04-15 | Beazley Security Labs | Beazley Security Labs
Hunting Mice In Tunnels II - Fake CAPTCHAs and Ransomware
Interlock Supper
2025-04-10 | Symantec | Threat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine
2025-04-08 | Hunt.io | Hunt.io
State-Sponsored Tactics: How Gamaredon and ShadowPad Operate and Rotate Their Infrastructure
ShadowPad
2025-04-01 | Hunt.io | Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid
2025-03-25 | SpyCloud | James
On the Hunt for Ghost(Socks)
GhostSocks
2025-03-11 | Hunt.io | Hunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure
2025-03-04 | Hunt.io | Hunt.io
Exposing Russian EFF Impersonators: The Inside Story on Stealc & Pyramid C2
Pyramid Stealc
2025-02-27 | Hunt.io | Hunt.io
Uncovering Joker’s C2 Network: How Hunt’s SSL History Exposed Its Infrastructure
Joker
2025-02-20 | Hunt.io | Hunt.io
LightSpy Expands Command List to Include Social Media Platforms
lightSpy
2025-02-13 | Intel 471 | Intel 471
Threat hunting case study: SocGholish
FAKEUPDATES