Project Information

MITRE ATT&CK Threat Hunting Playbook

A practical reference for SOC analysts and threat hunters.

This project is a browsable defensive playbook that maps common adversary behaviors to MITRE ATT&CK tactics and pairs each mapping with hunt cards, detection logic, and analyst workflow notes. It is designed to help a SOC analyst move from an observed behavior to an actionable hunt or response step without leaving the page.

The playbook includes Kibana Query Language (KQL) queries for Kibana (not Microsoft's Kusto Query Language, which shares the abbreviation), Sigma-style detection ideas, PowerShell tradecraft notes, dashboard references, field-mapping guidance for lining up log sources with the queries, and defensive context for common attack chains.
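To make the hunt-card idea concrete, here is an added example (not code from the playbook or its project): a minimal hunt card that carries a Sigma-style selection/filter pair together with its ATT&CK mapping and analyst notes, renders the same logic as a Kibana KQL filter string, and evaluates it over a few constructed events. The card, the exclusion on the parent process, the ECS-style field names and the sample events are all assumptions for illustration; the only fixed identifier is the public ATT&CK technique T1059.001 (PowerShell).

```python
from __future__ import annotations

# Added example, not the playbook's own code. A hunt card bundles a
# Sigma-style detection with its ATT&CK mapping and the analyst's next
# step, so a hit lands the analyst directly on an actionable workflow.
from dataclasses import dataclass, field
from typing import Any


@dataclass
class HuntCard:
    name: str
    technique_id: str               # ATT&CK technique ID, e.g. T1059.001
    tactic: str                     # ATT&CK tactic the technique falls under
    selection: dict[str, Any]       # Sigma-style 'selection' block: field -> value(s)
    filter: dict[str, Any] = field(default_factory=dict)  # Sigma-style 'filter' block
    analyst_notes: str = ""         # what to check before escalating


def match_value(actual: Any, expected: str) -> bool:
    """Sigma-style scalar match: case-insensitive, '*' only at the ends."""
    if actual is None:
        return False
    a, e = str(actual).lower(), str(expected).lower()
    if e.startswith("*") and e.endswith("*") and len(e) > 1:
        return e.strip("*") in a
    if e.startswith("*"):
        return a.endswith(e[1:])
    if e.endswith("*"):
        return a.startswith(e[:-1])
    return a == e


def match_block(event: dict, block: dict) -> bool:
    """Sigma semantics inside one block: fields are ANDed, list values ORed."""
    for fld, exp in block.items():
        options = exp if isinstance(exp, list) else [exp]
        if not any(match_value(event.get(fld), v) for v in options):
            return False
    return True


def matches(card: HuntCard, event: dict) -> bool:
    """Sigma condition 'selection and not filter'."""
    if not match_block(event, card.selection):
        return False
    return not (card.filter and match_block(event, card.filter))


def hunt(card: HuntCard, events: list[dict]) -> list[dict]:
    """Run the card over a batch of events; each hit carries the ATT&CK
    mapping and the analyst's next step from the card."""
    return [
        {"index": i, "event": ev, "card": card.name,
         "technique_id": card.technique_id, "tactic": card.tactic,
         "next_step": card.analyst_notes}
        for i, ev in enumerate(events) if matches(card, ev)
    ]


def to_kql(card: HuntCard) -> str:
    """Render the card as a Kibana Query Language filter (Kibana KQL, not
    Kusto). Exact values are quoted; wildcard values stay unquoted because
    KQL only treats '*' as a wildcard outside quotes. Caveats: this simple
    renderer does not escape KQL-reserved characters, and on analyzed text
    fields KQL wildcards apply per token, so the field should be keyword
    or wildcard typed for the substring match to behave as intended."""
    def clause(fld: str, exp: Any) -> str:
        options = exp if isinstance(exp, list) else [exp]
        parts = [f'{fld}:{v}' if "*" in str(v) else f'{fld}:"{v}"' for v in options]
        return parts[0] if len(parts) == 1 else "(" + " or ".join(parts) + ")"
    q = " and ".join(clause(f, e) for f, e in card.selection.items())
    if card.filter:
        q += " and not (" + " and ".join(clause(f, e) for f, e in card.filter.items()) + ")"
    return q


# Hypothetical hunt card for encoded PowerShell command lines (T1059.001).
# Real rules also cover the shorter -e/-ec parameter prefixes; kept to -enc here.
ENCODED_POWERSHELL = HuntCard(
    name="Encoded PowerShell command line",
    technique_id="T1059.001",
    tactic="Execution",
    selection={
        "process.name": ["powershell.exe", "pwsh.exe"],
        "process.command_line": "*-enc*",
    },
    # Hypothetical tuning: interactive launches from explorer are triaged elsewhere.
    filter={"process.parent.name": "explorer.exe"},
    analyst_notes="Base64-decode the payload as UTF-16LE, then pivot on the parent process.",
)

# Constructed sample events (not real telemetry); field names follow ECS.
SAMPLE_EVENTS = [
    {"process.name": "powershell.exe", "process.parent.name": "WINWORD.EXE",
     "process.command_line": "powershell.exe -nop -w hidden -Enc SQBFAFgA"},
    {"process.name": "powershell.exe", "process.parent.name": "explorer.exe",
     "process.command_line": "powershell.exe -File C:\\scripts\\backup.ps1"},
    {"process.name": "cmd.exe", "process.parent.name": "explorer.exe",
     "process.command_line": "cmd.exe /c whoami"},
    {"process.name": "pwsh.exe", "process.parent.name": "explorer.exe",
     "process.command_line": "pwsh.exe -enc dwBoAG8AYQBtAGkA"},
]

if __name__ == "__main__":
    print(to_kql(ENCODED_POWERSHELL))
    for hit in hunt(ENCODED_POWERSHELL, SAMPLE_EVENTS):
        print(hit["index"], hit["technique_id"], hit["event"]["process.command_line"])
```

Only the first event is a hit: the Word-spawned encoded command passes the selection and is not excluded, the second has no encoded argument, the third is not PowerShell, and the fourth is suppressed by the parent-process filter. The same card renders as one KQL string the analyst can paste into Kibana, which is the round trip a hunt card is meant to support.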

Tags: KQL, Kibana, Sigma, PowerShell, MITRE ATT&CK