Useful threat hunting resources: blogs, books, trainings, people to follow, research articles, talks, etc.
- Windows Security Monitoring, Scenarios and Patterns (Andrei Miroshnikov)
- Windows Internals (Part 1,2)
- Windows System Programming Part 1,2 (Pavel Yosifovich)
- Windows Kernel Programming (Pavel Yosifovich)
- Windows Internals (Pavel Yosifovich)
- Windows Process Injection for Red-Blue Teams (PentesterAcademy, Pavel Yosifovich)
- WinDbg Fundamentals: User Mode (PentesterAcademy, Pavel Yosifovich)
- WinDbg Fundamentals: Kernel Mode (PentesterAcademy, Pavel Yosifovich)
- Windows API Exploitation Recipes: Processes, Tokens and Memory RW (PentesterAcademy)
- WMI Attacks and Defense (PentesterAcademy, Nikhil Mittal)
- Windows System Programming: Fundamentals (PentesterAcademy, Pavel Yosifovich)
- Attacking and Defending Active Directory (PentesterAcademy, Nikhil Mittal)
- Advanced Windows Tradecraft (Nikhil Mittal)
- Attacking and Defending Active Directory (PentesterAcademy)
- Advanced Red Team Lab (PentesterAcademy, Nikhil Mittal)
- Global Central Bank: An Enterprise Cyber Range (PentesterAcademy, Nikhil Mittal)
- Attacking Active Directory with Linux (PentesterAcademy, Nikhil Mittal)
- https://adsecurity.org/
- http://www.harmj0y.net/blog/blog/
- https://www.netspi.com/blog/technical/
- https://posts.specterops.io/archive
- https://specterops.io/how-we-help/training-offerings/adversary-tactics-detection
- https://specterops.io/how-we-help/training-offerings/adversary-tactics-tradecraft-analysiss
- https://www.mdsec.co.uk/knowledge-centre/insights/
- https://blog.f-secure.com/tag/f-secure-countercept/
- https://cyberpolygon.com/materials/threat-hunting-why-might-you-need-it/
- https://cyberpolygon.com/materials/threat-hunting-in-action/
- https://cyberpolygon.com/materials/hunting-for-advanced-tactics-techniques-and-procedures-ttps/
- https://www.mdsec.co.uk/training/adversary-simulation-red-team-tactics/
- https://specterops.io/how-we-help/training-offerings/adversary-tactics-red-team-operations
- https://specterops.io/how-we-help/training-offerings/adversary-tactics-vulnerability-research-for-operators
- The Linux Programming Interface: A Linux and UNIX System Programming Handbook (Michael Kerrisk)
- MacOS and iOS Internals, Volume I: User Mode
- MacOS and iOS Internals, Volume II: Kernel Mode
- MacOS and iOS Internals, Volume III: Security & Insecurity