Welcome to CyberHunting.com web page, a community of security researchers. Providing information related to cyber threat hunting, penetration testing, bug bounty, security awareness and best practices information security.
Start learning the Penetration Testing Execution Standard (PTEST) and Cyber Kill Chain.
Penetration Testing Execution Standard (PTEST)
- Intelligence Gathering
- Threat Modelling
- Vulnerability Assessment
Cyber Kill Chain
- Command and Control
- Actions on objectives.
Featured Image by Cristiana Gilardi.
You also should know about the Advanced Persistent Threats (APT) LifeCycle
- Define Target
- Intelligence Gathering. Reconnaissance, Research Infrastructure, Employee, etc.
- Test for detection
- Establish outbound connection. Efficient, Resilient and Stealth
- Exfiltrate Data
- Remain un-detected.
Examples of APT Characteristics.
- Zero-Day Exploit or a custom crafted malware design for specific target.
- Social Engineering is still one of the effective and useful tool to get information about the target.
- Low and slow fashion to blend in with normal activities.
- Keep in mind APT is for Advanced (special malware), Persistent (repetition and multiple delivery) and Threats ( looking for every vulnerabilities )
Pardon our dust we continue to update this page for Cyber Threat Hunting.