I've made two mind maps for lovely blue Threat Hunters to have all Windows process specifications in one file (mind map), to easily identify suspicious ones and hunt them as fast as possible!
Dear Red teams can also use this to update their techniques.
- General Tips
- SYSTEM
- smss.exe
- csrss.exe
- winlogon.exe
- wininit.exe
- lsm.exe
- lsass.exe
- services.exe
- svchost.exe
- taskhost.exe
- explorer.exe
- dwm.exe