
MITRE ATT&CK Threat Hunting Playbook

A practical reference for SOC analysts and threat hunters.

A defensive playbook that combines KQL (Kibana Query Language) queries for Kibana, Sigma rules, and PowerShell tradecraft, mapped to common adversary attack chains and the corresponding defensive actions across the MITRE ATT&CK framework. It is designed to accelerate detection engineering and incident response workflows: each hunt pairs the technique being hunted with the detection logic that surfaces it and the response steps that follow.

Tags: KQL, Kibana, Sigma, PowerShell, MITRE ATT&CK
The full portable playbook is included in this repository. The preview below is generated from the playbook's own HTML.
[Screenshot: preview of the MITRE ATT&CK Threat Hunting Playbook]

Full Project Preview

Portable Threat Hunting Playbook

The complete browsable playbook contains the ATT&CK tactics, per-technique hunt cards, the detection logic (KQL and Sigma) behind each hunt, the supporting PowerShell tools, dashboard references, and analyst workflow notes.