Windows Endpoint Threat Detection & Persistence Analysis Using Sysmon and Splunk (MITRE T1547.001)
This documentation presents a hands-on SOC investigation focused on detecting and validating Windows registry-based persistence using Sysmon and Splunk. The project demonstrates how common auto-start
babatundeqodri.hashnode.dev (21 min read)