Cyber Threat Hunting

Welcome to web page, a community of security researchers. Providing information related to cyber threat hunting, penetration testing, bug bounty, security awareness and best practices information security.

Start learning the Penetration Testing Execution Standard (PTEST) and Cyber Kill Chain.

Penetration Testing Execution Standard (PTEST)

  1. Pre-interaction
  2. Intelligence Gathering
  3. Threat Modelling
  4. Vulnerability Assessment
  5. Exploit
  6. Post-exploit
  7. Reporting

Cyber Kill Chain

  1. Reconnaissance
  2. Weaponization
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command and Control
  7. Actions on objectives.

Featured Image by Cristiana Gilardi.

You also should know about the Advanced Persistent Threats (APT) LifeCycle

  1. Define Target
  2. Intelligence Gathering. Reconnaissance, Research Infrastructure, Employee, etc.
  3. Test for detection
  4. Deployment
  5. Establish outbound connection. Efficient, Resilient and Stealth
  6. Exfiltrate Data
  7. Remain un-detected.

Examples of APT Characteristics.

  1. Zero-Day Exploit or a custom crafted malware design for specific target.
  2. Social Engineering is still one of the effective and useful tool to get information about the target.
  3. Low and slow fashion to blend in with normal activities.
  4. Keep in mind APT is for Advanced (special malware), Persistent (repetition and multiple delivery) and Threats ( looking for every vulnerabilities )

Learn simply watching Videos I personally created listed below.

Thank you.

Follow me at Twitter: @KINGnet Web:

Support @QUE.COM

Founder, QUE.COM Internet Media. | Founder, a Shout for Joy! | MAJ.COM Management of Assets and Joint Ventures. More at KING.NET Ideas to Life.

One thought on “Cyber Threat Hunting

Leave a Reply