Jupyter Notebooks
toolsmith #133 – Anomaly Detection & Threat Hunting with Anomalize
When, in October and November's toolsmith posts, I redefined DFIR under the premise of Deeper Functionality for Investigators in R, I discovered a "tip of the iceberg" scenario. To that end, I'd ...
toolsmith #132 – The HELK vs APTSimulator – Part 2
Continuing where we left off in The HELK vs APTSimulator - Part 1, I will focus our attention on additional, useful HELK features to aid you in your threat hunting practice. HELK ...