Estimated Reading Time: 2 minutes Since last release i was working on new features and to increase the processing speed for large number of windows event logs files so i rebuilt the tool to use multiprocessing and added more feature that will help you in your next investigation. Download from here : https://github.com/ahmedkhlief/APT-Hunter/releases/tag/V3.0 APT-HUNTER V3.0 Features New use cases based…
Category: Purple Team
APT-Hunter V2.0 : More than 200 use cases and new features
Estimated Reading Time: 5 minutes APT-Hunter first released at the beginning of 2021 and since the release, many use cases and features were added along with bug fixes . APT-Hunter V2.0 now includes more than 200 use cases , log hunting , new frequency analysis , very easy to use and analyze multiple devices logs at same time . Github…
Introducing APT-Hunter : Threat Hunting Tool via Windows Event Log
Estimated Reading Time: 8 minutes APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity without the need to have complicated solution for parsing and detecting attacks in windows event logs like SIEM solutions…
Uncovering New Attack group ( APT FIREPLACE ) Targeting MENA
Estimated Reading Time: 14 minutes In this article am revealing technical details about a new attack group ( FIREPLACE APT as i named them based on the findings ) . i did reverse engineering on the backdoors to understand its usage so you will find in details analysis for these malwares . Note : All the observed evidences and analyzes…