Cyber Threat Hunting

July 22, 2022July 18, 2022 Support @QUE.COM 46830 Views 1 Comment Bug Bounty, CyberHunting, CyberSecurity, CyberThreat, Hacking, Penetration Testing, Pentest

Welcome to CyberHunting.com web page, a community of security researchers. Providing information related to cyber threat hunting, penetration testing, bug bounty, security awareness and best practices information security.

Start learning the Penetration Testing Execution Standard (PTEST) and Cyber Kill Chain.

Penetration Testing Execution Standard (PTEST)

Pre-interaction
Intelligence Gathering
Threat Modelling
Vulnerability Assessment
Exploit
Post-exploit
Reporting

Cyber Kill Chain

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on objectives.

Featured Image by Cristiana Gilardi.

You also should know about the Advanced Persistent Threats (APT) LifeCycle

Define Target
Intelligence Gathering. Reconnaissance, Research Infrastructure, Employee, etc.
Test for detection
Deployment
Establish outbound connection. Efficient, Resilient and Stealth
Exfiltrate Data
Remain un-detected.

Examples of APT Characteristics.

Zero-Day Exploit or a custom crafted malware design for specific target.
Social Engineering is still one of the effective and useful tool to get information about the target.
Low and slow fashion to blend in with normal activities.
Keep in mind APT is for Advanced (special malware), Persistent (repetition and multiple delivery) and Threats ( looking for every vulnerabilities )

Pardon our dust we continue to update this page for Cyber Threat Hunting.

Thank you.

Twitter: @KINGnet Web: https://KING.net

Support @QUE.COM

Founder, QUE.COM Internet Media. | Founder, Yehey.com a Shout for Joy! | MAJ.COM Management of Assets and Joint Ventures. More at KING.NET Ideas to Life.