10 Resources for beginners to learn Threat Hunting

3 min readJul 17, 2022

Threat Hunting:

Threat hunting is a specific domain in cyber security that aims to identify any attacks or threats in the business organization. Threat hunters identify these attacks in the network and use tools such as EDR to detect any advanced persistent threats that might have not been detected by security tools such as firewalls, incident response teams, etc. Once the process is implemented internally, these hunters can proactively check for any threats in the outside world using threat intelligence. So threat hunting can be described as a process of identifying threats or vulnerabilities during the attack phases while Digital forensics is performed after the attack is being executed.

Resources for Threat hunting:

This article highlights the methodology of threat hunting(TH) in an organization and provides insights on various TH terminologies.

Credits — @louisebyrne25

A Beginner's Guide to Threat Hunting

This post was written with contributions from IBM Security X-Force's Anne Jobmann, Claire Zaboeva and Richard Emerson…

securityintelligence.com

2. Certifications — @eLearnSecurity

This certification aims to provide insights and identification of threat hunting capabilities.

eCTHPv2 Certification

eLearnSecurity's Certified Threat Hunting Professional is an expert-level certification in threat hunting and threat…

elearnsecurity.com

3. A combined security resources of books in threat research

Author — Fakhar Imam

Threat Hunting Resources - Infosec Resources

Threat hunting as a profession and security strategy has gained tremendous popularity in recent years. Due to its…

resources.infosecinstitute.com

4. Threat hunting via Sysmon by @SANSInstitute

5. This article describes the security monitoring and threat hunting process in Okta log files

Credits — @threatpunter

Threat hunting in Okta logs

Threat hunting tips to help blue teams defend their Okta Single Sign-On (SSO) organization from attack.

medium.com

6. This website consists of various security lab environments for practicing purposes.

Author — @limacharlieio

Security Infrastructure as a Service - LimaCharlie.io

Security Infrastructure as a Service LimaCharlie gives security teams full control over how they manage their security…

limacharlie.io

7. A GitHub repo that has various TH procedures and identifies specific hunting techniques.

Author — @ThreatHuntProj

GitHub - ThreatHuntingProject/ThreatHunting: An informational repo about hunting for adversaries in…

An informational repo about hunting for adversaries in your IT environment. Be sure to visit ThreatHunting.net for more…

github.com

8. Training and Certification by — @SecBlueTeam

Introduction to Threat Hunting " SECURITY BLUE TEAM

Welcome! Welcome to our course for Threat Hunting! This specialised purple-team role focuses on detecting advanced…

securityblue.team

9. Blogs and In detailed technical TH video by — @immersivelabs

Webinar: Threat Hunting with Sigma Rules

Today's attacks are growing more sophisticated and successful. What was once accomplished using lots of custom malware…

www.immersivelabs.com

10. Research and scientific papers by — @CertifyGIAC

If you guys enjoyed the blog a clap would mean so much to me. It keeps me motivated to post more content on Twitter and in blogs.

Networking-

Hope this write-up was helpful. Collaboration and networking are something that I have always enjoyed. Let’s connect.

Linkedin — https://www.linkedin.com/in/balapraneeth/

Twitter — https://twitter.com/Begin_hunt

Happy hacking !!!
If you have reached this far, thank you for reading this article. Kindly feel free to point out any mistakes and do let me know where I can improve in writing and explaining in detail. Appreciate it!!. All the best.