SecurityResearcher-Note: A repository from Shadrack25

Welcome to @SecurityResearcher-Note

In this repository, I will cover various security approaches to attack techniques and share new discoveries about security breaches. Through the new discoveries and learnings shared in this repository, I hope to provide helpful insights for those involved in security operations, hunting, incident response, and more.

Security Research-Note

Day	Title	Comment
Day1	Day1-Basic-Malware-Analysis.md
Day2	Day2-APT29-Part1-Overview.md Day2-APT29-Part2-Midnight-Blizzard.md Day2-APT29-Part3-Midnight-Blizzard.md Day2-APT29-Part4-Midnight-Blizzard-MDE-EvaluationLab.md	Russia-based activity group
Day3	Day3-Microsoft-ThreatActorNamingTaxonomy.md
Day4	Day4-Mango-Sandstorm-Part1-Overview.md Day4-Mango-Sandstorm-Part2-AttackTechniques-Insights.md Day4-Mango-Sandstorm-Part3-AttackTechniques-Insights.md	Iran-based activity group
Day5	Day5-AntivirusConfig-Tips.md	EPP
Day6	Day6-M365D-XDR-AutomaticAttackDisruption.md	AiTM, BEC, Human-operated ransomware
Day7	Day7-AiTM-Insights-XDR.md	AiTM, BEC
Day8	Day8-WebShell-Insights-XDR.md	Web shell
Day9	Day9-XDR-Insights-part1.md	XDR
Day10	Day10-XDR-Insights-part2.md	XDR
Day11	Day11-MalwareAnalysis-Insights-part1.md Day11-MalwareAnalysis-Insights-part2.md	Malware Analysis EDR, XDR
Day12	Day12-Volt-Typhoon-Base64.md Day12-Volt-Typhoon-Base64.pdf - <PDF>	China-based activity group Base64, Credential dumping
Day13	Day13-WDigest-credential-harvesting-attack.md	WDigest, Mimikatz
Day14	Day14-macOS-SIP-Bypass-Insights.md	SIP Bypass macOS vulnerability

Product Research-Note

Day	Title	Comment
Day1	Day01-MDE-MDI-BetterTogether-Part1.md	Reconnaissance, SAMR
Day2	Day02-MDE-MDI-BetterTogether-Part2.md	Reconnaissance, SMB, LDAP
Day3	[MDO File Detonation & Deep Analysis] SOON !!