Threat Hunting
A collection of guides and reports on proactive, hypothesis- and TTP-driven threat hunting and detection—frequently focused on identifying Cobalt Strike C2 infrastructure—providing hunt methodologies, telemetry queries, IOCs, and mitigation guidance.
List of posts related to this topic
| Post Title | Date Published↓ | Describes Incident | Feed | ||
|---|---|---|---|---|---|
 | The Complete Guide to Hunting Cobalt Strike â Part 1: Detecting in Open Directories | 2026-02-16 | True | Hunt.io Blog Not Subscribed | |
| The Complete Guide to Hunting Cobalt Strike - Part 2: 10+ HuntSQL Recipes to Find Cobalt Strike | 2026-02-16 | True | Hunt.io Blog Not Subscribed | |
| The Complete Guide to Hunting Cobalt Strike - Part 3: Automated C2 Infrastructure Discovery | 2026-02-16 | True | Hunt.io Blog Not Subscribed | |
| Cobalt on the weekends | 2025-06-08 | True | IntelInsights (Substack) Not Subscribed | |
| Top Strategies for Effective Cobalt Strike Detection in Your Network | 2025-02-28 | True | Fidelis Security Not Subscribed | |
| From 939 to 85 : Hunting Cobalt Strike Servers | 2024-12-15 | True | IntelInsights (Substack) Not Subscribed | |
| A Guide to Threat Hunting in a SOC | 2021-06-28 | True | On the Hunt Not Subscribed |