Links and acronym expansion from John Strand's "Cyber Threat Hunting" presentation

CyberThreatHunting_links.txt

Acronyms:
 ASN: Autonomous System Number (map to network providers)
 DLP: Data Loss Prevention
 EDR: Endpoint Detection and Response
 EP: Endpoint Protection
 NSM: Network Security Monitoring
 UEBA: User/Entity Behavior Analytics
 
C&C control planes:
 https://github.com/byt3bl33d3r/gcat
 https://github.com/DakotaNelson/sneaky-creeper
 
Resources:
 https://www.auditscripts.com/free-resources/critical-security-controls/
 https://mitre-attack.github.io/attack-navigator/enterprise/
 https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
 https://blog.redteam.pl/2019/04/dns-based-threat-hunting-and-doh.html
 https://www.blackhillsinfosec.com/getting-started-with-tcpdump/ 
 https://owasp-skf.gitbook.io/asvs-write-ups/
 https://www.activecountermeasures.com/raspberry-pi-network-sensor-webinar-qa/
 
Tools:
 curl ipinfo.io/$target_ip
 https://jpcertcc.github.io/ToolAnalysisResultSheet/
 https://github.com/JPCERTCC
 https://www.activecountermeasures.com/free-tools/rita/
 https://github.com/DustyMMiller/SysmonBeaconing/blob/master/SysmonBeaconing.ps1
 https://www.r-project.org/
 https://bgpranking.circl.lu/
 https://asrank.caida.org/
 https://pi-hole.net/
 https://www.activecountermeasures.com/free-tools/passer/
 https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html
 https://rocknsm.io/

Webcasts:
 BHIS Securing home networks for remote work
  https://www.youtube.com/watch?v=Oon_SGqxu4g
 BHIS Attack Tactics for the Blue team
  https://youtu.be/c7x5JsR16Qw
 RITA and AI-Hunter Demo
  https://www.youtube.com/watch?v=h8KNyhSMoig
   
Youtube Playlists:
 https://www.blackhillsinfosec.com/detecting-malware-beacons-with-zeek-and-rita/
 https://www.blackhillsinfosec.com/getting-started-with-wireshark/