Date | Source | Author(s)

2021-05-25 | Huntress Labs | Matthew Brennan
Cobalt Strikes Again: An Analysis of Obfuscated Malware
Families: Cobalt Strike

2021-05-20 | Github (microsoft) | Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
Families: STRRAT, OceanLotus, BabyShark, Elise, Revenge RAT, WastedLocker, Zebrocy

2021-05-19 | Medium Mehmet Ergene | Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Families: Cobalt Strike

2021-05-17 | Telekom | Thomas Barabosch
Let’s set ice on fire: Hunting and detecting IcedID infections
Families: IcedID

2021-05-12 | Medium Mehmet Ergene | Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1
Families: Cobalt Strike

2021-05-10 | Anheng Threat Intelligence Center | Hunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
Families: DarkSide

2021-05-07 | Medium svch0st | svch0st
Stats from Hunting Cobalt Strike Beacons
Families: Cobalt Strike

2021-05-06 | Black Hat | Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-05-06 | Cyborg Security | Brandon Denker
Ransomware: Hunting for Inhibiting System Backup or Recovery
Families: Avaddon, Conti, DarkSide, LockBit, Mailto, Maze, Mespinoza, Nemty, PwndLocker, RagnarLocker, RansomEXX, REvil, Ryuk, Snatch, ThunderX

2021-05-05 | Symantec | Threat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
Families: CHINACHOPPER

2021-05-02 | The Record | Catalin Cimpanu
DOJ hiring new liaison prosecutor to hunt cybercriminals in Eastern Europe

2021-04-27 | Positive Technologies | PT ESC Threat Intelligence
Lazarus Group Recruitment: Threat Hunters vs Head Hunters

2021-04-26 | getrevue | Twitter (@80vul)
Hunting Cobalt Strike DNS redirectors by using ZoomEye
Families: Cobalt Strike

2021-04-19 | InfoSec Handlers Diary Blog | Jan Kopriva
Hunting phishing websites with favicon hashes

2021-04-15 | Medium BI.ZONE | Anton Medvedev, Demyan Sokolin, Vadim Khrykov
Hunting Down MS Exchange Attacks. Part 1. ProxyLogon (CVE-2021-26855, 26858, 27065, 26857)

2021-04-05 | Huntress Labs | John Hammond
From PowerShell to Payload: An Analysis of Weaponized Malware

2021-03-25 | Microsoft | Tom McElroy
Web Shell Threat Hunting with Azure Sentinel
Families: CHINACHOPPER

2021-03-18 | Github (cisagov) | CISA
CISA Hunt and Incident Response Program (CHIRP)
Families: SUNBURST

2021-03-18 | Elastic | Samir Bousseaden
Hunting for Lateral Movement using Event Query Language

2021-03-08 | Symantec | Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
Families: CHINACHOPPER, MimiKatz