TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Black Hills InfoSec

Questions From a Beginner Threat Hunter

BHIS · 2025-01-30

ATT&CK techniques detected

5 predictions
T1071.004 DNS
93%
"investigated further. if you plan to do your hunts on the endpoints, you need to have a strong knowledge of every operating system and the applications they are using. for example, powershell is a powerful scripting language built into the windows operating system. it is rare tha…"
T1095 Non-Application Layer Protocol
89%
"passing between the internal network and the internet. this is usually accomplished by capturing traffic at the internal interface of the firewall. this may be done with a network tap or by leveraging a switch span port. once the data is collected, you need tools and processes to…"
T1040 Network Sniffing
78%
"questions from a beginner threat hunter questions from a beginner threat hunter answered by chris brenton of active countermeasures | questions compiled from the infosec community by shelby perry this article was originally published in the threat hunting issue of our infosec zin…"
T1040 Network Sniffing
60%
"increase in the number of dns queries. q : there are so many tools out there … how do i know which to use for what? a : try them out! see which works best in your environment and matches your workflow. also, don't expect one tool to always be a perfect fit for every need. for e…"
T1572 Protocol Tunneling
43%
"investigated further. if you plan to do your hunts on the endpoints, you need to have a strong knowledge of every operating system and the applications they are using. for example, powershell is a powerful scripting language built into the windows operating system. it is rare tha…"

Summary

Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry This article was originally published in the Threat Hunting issue of our infosec […]

The post Questions From a Beginner Threat Hunter appeared first on Black Hills Information Security, Inc.