In this series, I will be showcasing a variety of threat hunting tools that you can use to hunt for threats, automate tedious processes, and extend to create your own toolkit using Python.
Learn how to build your own threat hunting tools with Python in this new series! First, let’s find out why it is important to build your own tools.
Learn about web scraping and how to create your own tool to scrape threat intelligence from CISA’s weekly vulnerability summary.
Welcome back to this series on building threat hunting tools! Today we look at how interacting with APIs can help us threat hunt.
Learn to use browser automation to automate the threat intelligence process when API access is not available or behind a paywall.
Learn how to give your threat hunting tools command line arguments that modify their behavior when they are executed.
Discover how to create standalone executable programs from your Python scripts that you can use on any Windows operating system using the Python module py2exe.
Discover how to extract data from a CSV file to analyze it and turn it into threat intelligence or IOCs to hunt for in your environment.
Discover how to extract valuable information from JSON to analyze it and turn it into threat intelligence or IOCs to hunt for in your environment.
Learn to create your own Python packages using the Python module Poetry. This lets you easily share your threat hunting tools with the community.
Discover what Jupyter Notebooks are and learn how to create your own to structure your threat hunting workflow and improve your efficiency.
Learn how to create a Jupyter Notebook that you can use to query your MISP instance. This will drastically speed up your threat intelligence operations!
Make your threat hunting process more efficient by integrating MISP and CrowdStrike Falcon EDR so you can automate uploading your IOCs for detection.