
Cyber Threat Hunting

Video Description

Gain expertise in analyzing your network while tracking various security threats

About This Video

  • Advanced topics cover the full threat hunting cycle, from threat analysis through to threat mitigation.
  • Use threat hunting tools to identify intrusive attacks and the best measures for tackling threats.
  • Intensive coverage of various cyber-attacks on networks, websites, and endpoints.

In Detail

Threat hunting is a proactive technique that focuses on the pursuit of attacks and of the evidence attackers leave behind when they conduct reconnaissance, attack with malware, or exfiltrate sensitive data. This process allows attacks to be discovered earlier, with the goal of stopping them before intruders are able to complete their attacks and take illegal advantage of them.

In this course, you will learn the tools, techniques, and procedures necessary to effectively hunt, detect, and contain a variety of adversaries and to minimize incidents. You'll perform incident response and hunt across hundreds of unique systems using PowerShell, and identify and track malware beaconing outbound to its command and control (C2) channel via memory forensics, registry analysis, and network connection residues.

You will determine how the breach occurred by identifying the beachhead and spear phishing attack mechanisms. You will be able to use memory analysis, incident response, and threat hunting tools to detect malware, attacker command lines, network connections, and more.

Downloading the example code for this course: You can download the example code files for all Packt video courses you have purchased from your account at http://www.PacktPub.com. If you purchased this course elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

Table of Contents

  1. Chapter 1 : Threat Hunting Introduction
    1. Course Overview 00:01:37
    2. Introduction to Threat Hunting 00:02:39
    3. Incident Response and Incident Handling 00:01:45
    4. Hunting Mindset - Threat Intelligence 00:01:35
    5. Hunter Mindset - Forensics 00:02:08
    6. Threat Hunting Simulation 00:02:07
    7. Threat Hunting Terminologies 00:02:56
  2. Chapter 2 : Threat Hunting Methodology
    1. Threat Reports and Research 00:05:16
    2. Threat Sharing and Exchanges 00:03:08
    3. Indicators of Compromise 00:04:08
    4. Threat Hunting Methods 00:03:46
    5. Report Writing 00:03:47
  3. Chapter 3 : Network Hunting
    1. Network Hunting Overview 00:01:45
    2. TCP/IP and Networking Primer 00:01:32
    3. Network Hunting Tools 00:09:57
    4. Network Hunting Summary 00:01:54
  4. Chapter 4 : Suspicious Network Traffic Hunting
    1. ARP Analysis 00:05:00
    2. ICMP Analysis 00:04:08
    3. TCP Analysis 00:05:42
    4. DHCP Analysis 00:07:50
    5. DNS Analysis 00:04:55
    6. HTTP/HTTPS Analysis 00:03:47
    7. Unknown Traffic 00:05:14
  5. Chapter 5 : Hunting Web Shells
    1. Web Shell Hunting Overview 00:01:49
    2. Web Shell Hunting Tools 00:08:27
    3. Hunting Web Shell – Part 1 00:09:26
    4. Hunting Web Shell – Part 2 00:11:04
  6. Chapter 6 : Endpoint Hunting
    1. Endpoint Hunting Overview 00:01:42
    2. Windows Processes 00:01:52
    3. Endpoint Baselines 00:03:08
    4. Malware Classifications 00:08:06
    5. Malware Delivery 00:05:15
    6. Malware Evasion Techniques 00:11:41
    7. Malware Persistence 00:01:42
  7. Chapter 7 : Hunting Malware
    1. Malware Hunting Overview 00:01:19
    2. Malware Detection Tools 00:05:44
    3. Malware Detection Techniques 00:04:36
    4. Memory Analysis 00:14:02
    5. Windows Event Logs 00:06:43
    6. Windows Event IDs 00:04:22