Welcome to @SecurityResearcher-Note

In this repository I cover security approaches to various attack techniques and share new discoveries about security breaches. Through the discoveries and lessons shared here, I hope to provide helpful insights for those working in security operations, threat hunting, incident response, and related areas.

  1. Security Research-Note
  2. Product Research-Note

Security Research-Note

| Day | Title | Comment |
| --- | --- | --- |
| Day1 | Day1-Basic-Malware-Analysis.md | |
| Day2 | Day2-APT29-Part1-Overview.md<br>Day2-APT29-Part2-Midnight-Blizzard.md<br>Day2-APT29-Part3-Midnight-Blizzard.md<br>Day2-APT29-Part4-Midnight-Blizzard-MDE-EvaluationLab.md | Russia-based activity group |
| Day3 | Day3-Microsoft-ThreatActorNamingTaxonomy.md | |
| Day4 | Day4-Mango-Sandstorm-Part1-Overview.md<br>Day4-Mango-Sandstorm-Part2-AttackTechniques-Insights.md<br>Day4-Mango-Sandstorm-Part3-AttackTechniques-Insights.md | Iran-based activity group |
| Day5 | Day5-AntivirusConfig-Tips.md | EPP |
| Day6 | Day6-M365D-XDR-AutomaticAttackDisruption.md | AiTM, BEC, Human-operated ransomware |
| Day7 | Day7-AiTM-Insights-XDR.md | AiTM, BEC |
| Day8 | Day8-WebShell-Insights-XDR.md | Web shell |
| Day9 | Day9-XDR-Insights-part1.md | XDR |
| Day10 | Day10-XDR-Insights-part2.md | XDR |
| Day11 | Day11-MalwareAnalysis-Insights-part1.md<br>Day11-MalwareAnalysis-Insights-part2.md | Malware Analysis, EDR, XDR |
| Day12 | Day12-Volt-Typhoon-Base64.md<br>Day12-Volt-Typhoon-Base64.pdf (PDF) | China-based activity group, Base64, Credential dumping |
| Day13 | Day13-WDigest-credential-harvesting-attack.md | WDigest, Mimikatz |
| Day14 | Day14-macOS-SIP-Bypass-Insights.md | SIP Bypass, macOS vulnerability |
| Day15 | Day15-XDR-Insights-2024update.md | XDR |
| Day16 | Day16-CloudId-Exfiltration-AttackReport-Part1.md<br>Day16-CloudId-Exfiltration-AttackReport-Part2.md | Identity abuse, Exfiltration |
| Day17 | Day17-Hunting-APIcalls-insight.md | API, MDE |
| Day18 | Day18-LotL-detection-part1.md | LotL |
| Day19 | Day19-ThreatActor-Discovery.md | Discovery |

Product Research-Note

| Day | Title | Comment |
| --- | --- | --- |
| Day1 | Day01-MDE-MDI-BetterTogether-Part1.md | Reconnaissance, SAMR |
| Day2 | Day02-MDE-MDI-BetterTogether-Part2.md | Reconnaissance, SMB, LDAP |
| Day3 | Day03-MDO-FileDetonation-DeepAnalysis.md | FileDetonation, DeepAnalysis |
| Day4 | Day04-MDI-DeploymentConsiderations.pdf | ITDR, MDI |

Microsoft Copilot for Security, Kijo Catchup LOG

| LOG | Title |
| --- | --- |
| LOG-01 | Microsoft Copilot for Security / Update history |

Other

Microsoft Security Blog

Event Speaker


Disclaimer

The views and opinions expressed herein are those of the author and do not necessarily reflect the views of the company.