11x256's Infosec blog
abdo, Cybercrime researcher.

    Threat Hunting with sysmon 101


    Introduction

This post begins a new series in which I do threat hunting using sysmon logs. Throughout the series I will use free tools and Python to conduct the hunts. The objective is to document and share the knowledge and insights I have gathered so far.

    Stay tuned.

    Tags: ELK, hunting, logs, sysmon, Threat, Threat-hunting, windows

    Categories: Threat_hunting

    Updated: July 17, 2023



    © 2024 11x256's Infosec blog. Powered by Jekyll & Minimal Mistakes.