Process-related threat hunting notes in flat-file format, mapped to MITRE ATT&CK technique IDs (ATT&CK on Twitter: @MITREattack).

These notes are presented in a reductive flat-file format for ease of sharing and import into Elasticsearch-style tools. Use this data at your own risk. Please send any feedback, additions, or corrections.

Check column headers for key values. The index number is arbitrary.
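A small loader for this kind of flat file, added here as an example and not the repository's own tooling: it assumes tab-separated columns named index, process, attack_id and note (the real headers may differ), drops the arbitrary index, checks that each ATT&CK ID is a technique ID (T1234 or T1234.001 form) and renders the rows as an Elasticsearch _bulk body.

```python
import csv
import io
import json
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample in the page's flat-file style. The column names are an
# assumption; check the real file's headers before relying on them.
SAMPLE_NOTES = """index\tprocess\tattack_id\tnote
1\tmshta.exe\tT1218.005\tmshta launched by an Office parent process
2\tregsvr32.exe\tt1218.010\tregsvr32 loading a remote scriptlet
3\tcmd.exe\tTA0002\ttactic id used where a technique id was expected
"""

# Technique IDs are T followed by four digits, optionally a three-digit sub-technique.
ATTACK_ID = re.compile(r"^T\d{4}(\.\d{3})?$")


def normalise_attack_id(raw: str) -> Optional[str]:
    """Return the ATT&CK technique ID in canonical upper-case form, or None if malformed."""
    candidate = raw.strip().upper()
    return candidate if ATTACK_ID.match(candidate) else None


def parse_notes(text: str) -> Tuple[List[Dict], List[str]]:
    """Parse tab-separated notes: drop the arbitrary index, normalise IDs, report bad rows."""
    records, errors = [], []
    for row in csv.DictReader(io.StringIO(text), delimiter="\t"):
        attack_id = normalise_attack_id(row["attack_id"])
        if attack_id is None:
            errors.append(f"row {row['index']}: malformed ATT&CK id {row['attack_id']!r}")
            continue
        records.append({
            "process": row["process"].lower(),
            "attack_id": attack_id,
            "attack_technique": attack_id.split(".")[0],  # parent technique, e.g. T1218.005 -> T1218
            "note": row["note"],
        })
    return records, errors


def to_bulk_ndjson(records: List[Dict], index: str = "hunting-notes") -> str:
    """Render records as an Elasticsearch _bulk body: one action line, one document line per record."""
    lines = []
    for rec in records:
        lines.append(json.dumps({"index": {"_index": index}}))
        lines.append(json.dumps(rec))
    return "\n".join(lines) + "\n"  # _bulk requires the trailing newline
```

Rows with a tactic ID (TA0002) or other non-technique value are reported rather than silently indexed, so the mapping to ATT&CK stays consistent across imports.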

I take no research credit. This page is a combination of notes I've taken from several sources. Please follow them on Twitter: SANS DFIR (@sansforensics), Florian Roth (@cyb3rops), Casey Smith (@subTee), Matt Nelson (@enigma0x3), Matt Graeber (@mattifestation), Red Canary's Atomic Red Team (@redcanaryco), Nick Carr (@itsreallynick), Steve Miller (@stvemillertime), David Bianco (@david.j.bianco), Paul Melson (@pmelson), Oddvar Moe (@oddvarmoe)