Windows Core Processes Specifications and How to Hunt Suspicious Ones (MindMap)

HellishPn/Win-Core-Processes-for-Blues

Win-Core-Processes-for-Blue-Teams

I've made two mind maps for lovely blue Threat Hunters to have all Windows process specifications in one file (mind map), to easily identify suspicious ones and hunt them as fast as possible!
Dear Red teams can also use this to update their techniques.

  • General TIPs
  • SYSTEM
  • smss.exe
  • csrss.exe
  • winlogon.exe
  • wininit.exe
  • lsm.exe
  • lsass.exe
  • services.exe
  • svchost.exe
  • taskhost.exe
  • explorer.exe
  • dwm.exe
