Threat Hunting

Graylog Pipelines – Threat Indicators

2019-10-28

By default, Graylog includes a plugin that allows you to check against threat feeds to determine if an IP or a domain has been marked as [...]

Sysmon 10 & DNS Queries

2019-07-13

On June 19th Mark Russinovich tweeted that the release of Sysmon version 10 will include DNS query logging. Packetbeat is currently being utilized for [...]

Threat Hunting with DNS Queries

2019-03-24

The majority of malware uses a command and control center to retrieve updates, commands to run, and more. There are a few methods that malware can use to obtain [...]