├── Application Whitelisting Bypass: regsvr32.exe
├── Audit log cleared
├── Bypass Authentication
├── Bypass Proxy using WMIC
├── Certutil - Bypass proxy
├── Detection of Cloud storage artifacts
├── Detection of Password Dumping Tools
├── Exfiltration artifacts
├── Golden & Silver Ticket Detection
├── HTML Application File - Evade Detection
├── Image File Execution Option
├── Living of the Land techniques - Security Evasion
├── MSIEXEC - Evade Detection
├── Malicious Compiled HTML File
├── Malicious VCF File
├── Mimikatz Detection
├── New Service Installation- Windows Event
├── Open Source Tools-Bypass Proxy
├── PnP Driver Installations - Windows Event
├── README.md
├── Remote Administration Tools
├── Service Loaded from temp or download directory
└── Windows command execution

/Application Whitelisting Bypass: regsvr32.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Application Whitelisting Bypass: regsvr32.exe
--------------------------------------------------------------------------------

/Audit log cleared:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Audit log cleared
--------------------------------------------------------------------------------

/Bypass Authentication:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Bypass Authentication
--------------------------------------------------------------------------------

/Bypass Proxy using WMIC:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Bypass Proxy using WMIC
--------------------------------------------------------------------------------

/Certutil - Bypass proxy:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Certutil - Bypass proxy
--------------------------------------------------------------------------------

/Detection of Cloud storage artifacts:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Detection of Cloud storage artifacts
--------------------------------------------------------------------------------

/Detection of Password Dumping Tools:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Detection of Password Dumping Tools
--------------------------------------------------------------------------------

/Exfiltration artifacts:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Exfiltration artifacts
--------------------------------------------------------------------------------

/Golden & Silver Ticket Detection:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Golden & Silver Ticket Detection
--------------------------------------------------------------------------------

/HTML Application File - Evade Detection:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/HTML Application File - Evade Detection
--------------------------------------------------------------------------------

/Image File Execution Option:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Image File Execution Option
--------------------------------------------------------------------------------

/Living of the Land techniques - Security Evasion:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Living of the Land techniques - Security Evasion
--------------------------------------------------------------------------------

/MSIEXEC - Evade Detection:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/MSIEXEC - Evade Detection
--------------------------------------------------------------------------------

/Malicious Compiled HTML File:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Malicious Compiled HTML File
--------------------------------------------------------------------------------

/Malicious VCF File:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Malicious VCF File
--------------------------------------------------------------------------------

/Mimikatz Detection:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Mimikatz Detection
--------------------------------------------------------------------------------

/New Service Installation- Windows Event:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/New Service Installation- Windows Event
--------------------------------------------------------------------------------

/Open Source Tools-Bypass Proxy:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Open Source Tools-Bypass Proxy
--------------------------------------------------------------------------------

/PnP Driver Installations - Windows Event:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/PnP Driver Installations - Windows Event
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/README.md
--------------------------------------------------------------------------------

/Remote Administration Tools:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Remote Administration Tools
--------------------------------------------------------------------------------

/Service Loaded from temp or download directory:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Service Loaded from temp or download directory
--------------------------------------------------------------------------------

/Windows command execution:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Th1ru-M/Windows-Threat-Hunting/HEAD/Windows command execution
--------------------------------------------------------------------------------