Threat Hunting Course with Jupyter, Hunting PowerShell Remote Execution, Part 3

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses. In this course we will discuss how Jupyter Notebook or JupyterLab can be useful for threat hunting.

This is Part 3 of the series, which covers hunting for remote PowerShell execution. Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. In addition, it can be used to execute code remotely via the Windows Remote Management (WinRM) service. Therefore, it is important to understand the basic artifacts left behind when PowerShell is used to execute code remotely via a remote PowerShell session.

So watch the full episode if you want to master threat hunting and operationalize it using Jupyter Notebook.

FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ Twitter: @blackperl_dfir

🙏Credits:
-------------------------------------------------------------------------------------------------------------------------
I would like to say THANKS a bunch to Roberto Rodriguez and Jose Rodriguez for coming up with the Threat Hunter Playbook and the awesome Mordor Dataset!!
👉Please follow them on Twitter: @Cyb3rWard0g, @Cyb3rPandaH
Comments

Can you share the URL used to download the files from GitHub?

olatunjiosunji