Section | Exercise | Link |
---|---|---|
Workflow Management | Hunting Workflow Management System | Link |
Working with ATT&CK | MITRE ATT&CK Navigator | Link |
Working with ATT&CK | Working with MITRE ATT&CK (pyattck) | |
Hunting: Data Sources | DeTTECT - Groups | |
Hunting: Data Sources | DeTTECT - Data Source Administration | |
Hunting: Visibility Coverage | DeTTECT - Technique Administration | |
Hunting: Detection Coverage | DeTTECT - Technique Administration | |
Hunting: Visibility | Mordor Project | |
Hunting: Visibility | Threat Hunters Playbook | |
Hunting: Detection | Sigma Project | |

Name | Link |
---|---|
Roberto Rodriguez Interview | https://www.youtube.com/watch?v=KryJx_xAwCg |
Jupyter Notebooks and Pre-recorded Datasets for Threat Hunting | https://www.youtube.com/watch?v=ZfJ01ZFCMe0 |
DeTT&CT Getting Started | https://github.com/rabobank-cdc/DeTTECT/wiki/Getting-started |
DeTT&CT Editor | https://rabobank-cdc.github.io/dettect-editor |