Home
Olaf Hartong edited this page Nov 15, 2018
·
13 revisions
Welcome to the ThreatHunting wiki!
The app has the following structure;
- MITRE ATT&CK
- Computer Drilldown
- Network Connection Drilldown
- ParentProcess GUID Drilldown
- Process GUID Drilldown
- Sysmon Events
- Lateral Movement Indicators
- PowerShell Events
- Newly observed hashes
- Process Create whitelist editor
- Network whitelist editor
- Files Access whitelist editor
- Process Access whitelist editor
- Registry whitelist editor
- Image Load whitelist editor
- Pipe Created whitelist editor
- WMI whitelist editor