Threat hunting is a proactive cyber security technique in which you scour networks, systems, and devices for anomalies in order to find cyber threats before they are reported by automated tooling. It is an important measure that allows analysts to deep dive into the attack surface and expose malicious threats, often advanced threats that have already infiltrated the initial endpoint security layers undetected. The core focus of threat hunting is to prevent sophisticated cyberattacks and advanced persistent threats from wreaking havoc within the network.
C2 hunting empowers you to track down adversary C2 servers and stay a step ahead of the bad guys. This guide teaches you how to do it using Shodan.
Discover the best way of collecting intelligence, a collection management framework. This guide will teach you what they are and how to create one.
Learn about the Courses of Action matrix (CoA) and how it can help your organization accurately assess its defensive capabilities and improve resiliency.
Discover netlas.io, a powerful suite of tools to enrich your threat hunts, add threat intelligence to your investigations, and map your attack surface.
Learn why malware configuration parsing is an essential skill for any threat hunter, plus how to use a malware configuration parser to do this automatically.
Discover the new cyber security notetaking app that integrates with your organization’s tools and is an effective copilot for all your investigations.
Make your threat hunting process more efficient by integrating MISP and CrowdStrike Falcon EDR so you can automate uploading your IOCs for detection.
Learn how to create a Jupyter Notebook that you can use to query your MISP instance. This will drastically speed up your threat intelligence operations!
Discover what Jupyter Notebooks are and learn how to create your own to structure your threat hunting workflow and improve your efficiency.
Learn to create your own Python packages using the Python module Poetry. This lets you easily share your threat hunting tools with the community.
Discover how to extract valuable information from JSON to analyze it and turn it into threat intelligence or IOCs to hunt for in your environment.
Discover how to extract data from a CSV file to analyze it and turn it into threat intelligence or IOCs to hunt for in your environment.
Discover how to create standalone executable programs from your Python scripts that you can use on any Windows operating system using the Python module py2exe.
Learn how to give your threat hunting tools command line arguments that modify their behavior when they are executed.
Learn to use browser automation to automate the threat intelligence process when API access is not available or behind a paywall.