Threat Hunting Hypothesis Examples: Five Hunts to Start Out

Introduction

What is a Hunting Hypothesis?

Threat Hunting Hypothesis #1 — Potential Maldoc Execution Chain

Threat Hunting Hypothesis #2 — PowerShell Encoded Command Execution

Threat Hunting Hypothesis #3 — Attempted VBScript Stored in Non-Run CurrentVersion Registry Key Value

Threat Hunting Hypothesis #4 — Cobalt Strike Beacon Default C2 Structure

Threat Hunting Hypothesis #5 — LSASS Memory Dumping using WerFault.exe

Conclusion

--

--

--

Cyborg Security is a pioneer in cybernetic threat hunting, delivering an advanced, actionable threat hunting platform.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Blockchain & Cryptocurrency Advisors and Consulting In Tari World

Prevent invoice/sales frauds!

Trust Systems — Quantifying Relationships

What is Riemann going to do?(Part 1)

Vulnhub’s Hemisphere: Lynx Vulnerable VM CTF Write-Up

TEMPO is LIVE on Trader Joe!

Airdrop for Keyswap is on now.

Intrusion Detection System Important Specifications

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Cyborg Security

Cyborg Security

Cyborg Security is a pioneer in cybernetic threat hunting, delivering an advanced, actionable threat hunting platform.

More from Medium

5 Threat Hunting Tips from a Seasoned Hunt Team

OFFICE 365 — MITRE Enriched Events Using Wazuh Detection Rules

Unified Kill Chain in Cyber Threat Intelligence

Malware Analysis Report 05/13/2022