Anyone in the fediverse doing some threat hunting using #ATP or another EDR? Looking for some people to brainstorm techniques with.
I've just started looking at the #XCyclopedia as a source of inspiration - it's has really handy enrichment from a variety of external #LOLBin repositories to see potential misuse examples. It has even started enumerating COM objects which is cool.
