Learn Threat Hunting Skills
Milad Aslaner, one of my best friends and my partner in books, conferences, and family, wrote a great PowerShell simulation that can help you improve your Threat Hunting skills. It’s completely free! Below are the details and the download link:
ThreatHunt is a PowerShell repository that allows users to practice their threat hunting skills. ThreatHunt allows users to simulate various attack techniques and procedures, without the need to leverage malicious files. ThreatHunt does not serve as a penetration tool or framework. It is a simple way to raise security alerts and help you train your threat hunting skills.
Scenario
Let’s say that you are just starting your career as a threat hunter, or you are already a threat hunter but your organization has a new Endpoint Detection and Response (EDR) or Security Information and Event Management (SIEM) solution. In both cases, you’ll need a safe harbor where you can raise security alarms and begin analyzing data. ThreatHunt is a great tool for this purpose. It doesn’t contain malicious files, but it simulates a lot of suspicious activities.
Files and Tools from Third Parties
ThreatHunt installs and leverages third-party tools and files, such as PsExec, Nmap, and EICAR test files. All of these tools and files are subject to the terms of their respective intellectual property owners.
Known Issues
Although there are no malicious files in this GitHub repository, it is important to remember that you are responsible and accountable for your environment. Before deploying any tools in production environments, make sure you carefully review them.
Some activities are very simple. One example is copying calc.exe from C:\Windows\System32 to a network share as mimikatz.exe. This is not about creating malicious files, but about generating noise that you can use to practice your threat hunting skills.
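One way to triage the renamed-binary noise described above, as an added example that is not part of ThreatHunt or the original post: compare each executable's name on disk with the OriginalFilename stored in its version resource, then check whether its hash matches the local calc.exe. The share path and the watch list are placeholders for a lab setup.

```powershell
# Added example (not ThreatHunt code): find executables whose file name does
# not match the OriginalFilename recorded in their PE version resource.
param(
    # Placeholder (assumption): point this at the share used in your lab.
    [string]$Path = '\\lab-fs01\hunt-share'
)

# Names that tend to raise alerts; constructed sample list for the lab.
$WatchNames = @('mimikatz.exe')

function Get-RenamedBinary {
    param([Parameter(Mandatory)][string]$Root)

    Get-ChildItem -Path $Root -Filter *.exe -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $original = $_.VersionInfo.OriginalFilename
            # No version resource means there is nothing to compare against.
            if ([string]::IsNullOrWhiteSpace($original)) { return }

            # Normalize: version info is sometimes reported with a .MUI suffix.
            $original = $original.Trim() -replace '\.mui$', ''

            if ($original -ine $_.Name) {
                [pscustomobject]@{
                    Path             = $_.FullName
                    NameOnDisk       = $_.Name
                    OriginalFilename = $original
                    Company          = $_.VersionInfo.CompanyName
                    SHA256           = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                    NameOnWatchlist  = $WatchNames -contains $_.Name
                }
            }
        }
}

# Reference hash of the local calc.exe. It only matches copies taken from a
# machine on the same Windows build, so a mismatch alone proves nothing.
$calcHash = (Get-FileHash -LiteralPath "$env:SystemRoot\System32\calc.exe" -Algorithm SHA256).Hash

Get-RenamedBinary -Root $Path |
    Select-Object *, @{ Name = 'MatchesLocalCalc'; Expression = { $_.SHA256 -eq $calcHash } } |
    Format-List
```

A hit where NameOnWatchlist and MatchesLocalCalc are both true is the simulation's noise rather than a real credential-dumping tool. Version resources can be edited, so treat the result as a triage signal and not as proof.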
Download here: MiladMSFT/ThreatHunt.git