How To Use Process Hacker to Find Intrusions During Incident Response and Threat Hunting Engagements
How To Use Process Hacker to Find Intrusions During Incident Response and Threat Hunting Engagements https://youtu.be/vtIe3uuABKU Unmasking Malware: Your In-Depth Guide to Process Hacker for Threat Hunting In the ever-evolving […]
How to Discover Windows Run Key Persistence When Threat Hunting
Learn what Windows Run Key persistence is, how attackers use it to maintain access, and discover actionable threat hunting techniques to find and eliminate it in your network.
A Threat Hunter’s Guide to PowerShell Event Logs
Detect malicious activity by learning how to use the three crucial PowerShell event logs: Event ID 400, 600, and 403. This guide shows threat hunters how to analyze these default logs to uncover hidden threats.
YARA Rules for Beginners: A Practical Guide to Threat Hunting
Master the basics of threat hunting with YARA. Our step-by-step tutorial walks you through writing your first YARA rules, from installation to using conditions and modifiers.
How to Write Yara Binary Pattern Matching Rules to Enhance Threat Hunting and Cybersecurity Ops
Level up your threat hunting skills! This guide teaches you how to write effective YARA binary rules to find malware by matching hex values, using wildcards, and mastering jumps.
How Hackers Hijack Applications Using Malicious DLLs: And How To Improve Cyber Defenses Against It
Unmask DLL load order hijacking, a stealthy attack technique used to take over trusted applications. Learn how it works and get expert tips to detect and defend against it.
How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats
Stop alert fatigue. Learn to create advanced Sysmon rules targeting Fancy Bear’s TTPs. Our step-by-step guide helps you build a high-fidelity detection system.
How to get started with Microsoft Sysinternals’ Sysmon advanced event logging
Level up your threat hunting with Sysmon. Our guide shows you how to install and configure this powerful tool to gain deep system visibility and detect advanced threats.
Threat Hunting for the Actor Behind CYBERCOM’s Recent Ukraine Report
Unlock proactive cybersecurity: Learn how to transform basic Cybercom IOCs into powerful behavioral threat hunting strategies by analyzing TTPs of threat actors like InvisiMole and their associates.
Why/How to Threat Hunting With Windows Process Creation/Termination (Event ID 4688/4689) Logs
Unmask threats with Windows Event IDs 4688 & 4689. Learn to enable Process Creation & Termination logs for powerful cybersecurity threat hunting.