This repository contains a few personal mindmaps I use as a reference for threat hunting and incident response. It is currently very much a work in progress.
- Hunting for common lateral movement mechanisms
- Evidence of execution (prefetch files, Amcache...)
- Methods of credential theft and the protections associated with them
These mindmaps are for my personal reference and may consequently be incomplete, whether intentionally or not. Feel free to open an issue for discussion, though!