Threat hunting is a proactive cybersecurity approach that combines digital forensics and incident response tactics to identify unknown and ongoing cyber threats that have remained undetected inside an organization's network.
Undetected Malware - Malicious software that hasn't been detected by traditional signature-based anti-virus solutions.
Web Shells - Typically .php scripts that allow an attacker to take control of a web server and access everything as if they are on the server directly.
Unusual Network Activity - Such as traffic originating from or going to unusual ports, larger than expected packets, and unusual DNS queries.
Modified System Objects - Such as registry entries on Windows OS that have been altered or impersonated.
Unauthorized remote application tools or LOLBins (living-off-the-land binaries) being leveraged with malicious intent.
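As an added example (not from the original page), the "Unusual Network Activity" hunt above turned into a small script: it walks constructed connection and DNS log records and flags traffic to ports outside an assumed expected set, packets larger than an assumed byte threshold, and DNS queries whose leading label is unusually long or high-entropy. The log format, port allowlist, thresholds and sample records are all assumptions made here for illustration.

```python
import math
from collections import Counter

# Constructed sample records (not from the original page), one per line.
# Assumed format: kind|src|dst|dst_port|bytes|query  (query empty for conn)
SAMPLE_LOG = """\
conn|10.0.0.5|93.184.216.34|443|1420|
conn|10.0.0.5|203.0.113.9|4444|3100|
conn|10.0.0.7|198.51.100.2|53|9000|
dns|10.0.0.5|10.0.0.1|53|80|www.example.com
dns|10.0.0.7|10.0.0.1|53|120|a8f3k29dz0q1lm7x9pq2.tunnel.example.net
"""

EXPECTED_PORTS = {53, 80, 443}  # assumed: ports this environment normally uses
MAX_BYTES = 1500                # assumed: anything above an MTU-sized packet is odd
MAX_LABEL_LEN = 16              # assumed: longer leading labels look machine-generated
MIN_ENTROPY = 3.5               # assumed: bits/char above this suggests encoded data


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; random or encoded labels score high."""
    if not s:
        return 0.0
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def hunt(log_text: str) -> list[tuple[str, str]]:
    """Return (reason, record) pairs for records that match a hunting criterion."""
    findings = []
    for line in log_text.splitlines():
        kind, src, dst, port, size, query = line.split("|")
        port, size = int(port), int(size)
        if port not in EXPECTED_PORTS:          # traffic to an unusual port
            findings.append(("unusual_port", line))
        if size > MAX_BYTES:                    # larger than expected packet
            findings.append(("oversized_packet", line))
        if kind == "dns":                       # unusual DNS query (tunnelling-style label)
            first_label = query.split(".")[0]
            if len(first_label) > MAX_LABEL_LEN or shannon_entropy(first_label) > MIN_ENTROPY:
                findings.append(("unusual_dns_query", line))
    return findings


if __name__ == "__main__":
    for reason, record in hunt(SAMPLE_LOG):
        print(f"{reason:18} {record}")
```

Tune the port set and thresholds to a baseline of the environment's own traffic before using the output as hunting leads.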