Awesome Threat Detection and Hunting: Other Resources and Useful Links
- botconf
- The ThreatHunting Project
- malwarearchaeology
- Active Directory Security
- Expert Investigation Guide
- SANS cyber security summit archives
- Windows Hunting - A collection of Windows hunting queries
- Tool Analysis Result Sheet
- The Sysmon and Threat Hunting Mimikatz wiki for the blue team
- Active Directory Kill Chain Attack & Defense
- The ThreatHunter-Playbook: A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
- UNCODER: Uncoder.IO is an online translator for SIEM saved searches, filters, queries, API requests, correlation rules and Sigma rules, built to help SOC analysts, threat hunters and SIEM engineers.
- Tool Analysis Result Sheet: This site summarizes the results of examining the logs recorded by Windows when each of 49 tools, which an attacker who has infiltrated a network is likely to use, is executed. The following logs were examined.