mthcht
mthcht.bsky.social
Threat Hunting - DFIR - Detection Engineering
🐙 https://github.com/mthcht
🐦 https://x.com/mthcht
📰 https://mthcht.medium.com
@hexacorn.bsky.social :o someone just sent me your list hexacorn.com/examples/201... this is great thanks!
March 28, 2025 at 12:45 AM
Thanks! Glad you like them!
March 9, 2025 at 2:25 AM
Of course! PRs are welcome 🙏
February 27, 2025 at 8:51 PM
Hexadecimal IP Detection:

Identify hexadecimal IP address formats in command lines with a "simple" regex (some default behaviors to exclude)
February 9, 2025 at 7:06 PM
Special Characters Anomaly Detection:

This query extracts common special characters from the process command line, counts occurrences, calculates the ratio, and returns commands with more than 20% special characters in them; it could catch the quote insertion and URL transformer techniques
February 9, 2025 at 7:06 PM
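
The ratio check described in the post above, as an added Python example (not the author's query, which is not shown on this page). The character set, the event field names `host` and `cmdline`, and the sample events are assumptions constructed for illustration; only the 20% threshold comes from the post.

```python
from collections import Counter

# Assumed character set: the post does not list which characters its query counts.
SPECIAL_CHARS = set("\"'^`%$+;,()[]{}|&<>!@#=~*?")
THRESHOLD = 0.20  # "more than 20%" as stated in the post


def special_char_stats(cmdline):
    """Return (ratio, per-character counts) of special characters in one command line."""
    counts = Counter(ch for ch in cmdline if ch in SPECIAL_CHARS)
    total = len(cmdline)
    # Empty command lines are common in process telemetry; avoid dividing by zero.
    ratio = sum(counts.values()) / total if total else 0.0
    return ratio, counts


def flag_commands(events, threshold=THRESHOLD):
    """Return events whose ratio exceeds the threshold, highest ratio first."""
    hits = []
    for ev in events:
        ratio, counts = special_char_stats(ev["cmdline"])
        if ratio > threshold:
            # Keep the dominant characters so an analyst sees why the event fired.
            hits.append({**ev, "ratio": round(ratio, 3), "top": counts.most_common(3)})
    return sorted(hits, key=lambda h: h["ratio"], reverse=True)


# Constructed sample process-creation events (hypothetical hosts and commands).
SAMPLE_EVENTS = [
    {"host": "ws01", "cmdline": "ping -n 4 192.168.1.10"},
    {"host": "ws02", "cmdline": 'n"e"t"s"t"a"t" -a"n"o'},  # quote insertion
    {"host": "ws03", "cmdline": ""},
    {"host": "ws04", "cmdline": 'powershell -Command "Get-Process | Sort-Object CPU"'},
    # Benign regex argument that still exceeds the threshold: expect to tune exclusions.
    {"host": "ws05", "cmdline": 'grep -E "^[a-z]+\\(\\)$"'},
]

if __name__ == "__main__":
    for hit in flag_commands(SAMPLE_EVENTS):
        print(hit["host"], hit["ratio"], hit["top"], hit["cmdline"])
```

The `ws05` event shows the main tuning cost of a pure ratio rule: legitimate commands that carry regular expressions or inline scripts cross the threshold too, so exclusions by process or parent are usually needed.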