@githubfoam
Created March 28, 2025 06:33
cyber threat intelligence cheat sheet
#===================================================================================================================================
Analyzing cyber incidents, attack patterns, and the TTPs (Tactics, Techniques, and Procedures) of threat actors.
Working with SIEM tools for log analysis and real-time threat detection.
Investigating security breaches, performing malware analysis, and tuning intrusion detection.
Using MITRE ATT&CK / the Cyber Kill Chain, threat intelligence feeds / MISP, and OSINT to map observed threats to the vulnerabilities and exposed assets they target.
Supporting incident response and answering legal inquiries (evidence handling, chain of custody).
Understanding the intelligence cycle (direction, collection, processing, analysis, dissemination, feedback).
Handling and analyzing large datasets to derive threat insights.
Drafting threat assessments and risk evaluations.
#===================================================================================================================================
MITRE ATT&CK, CAPEC, and D3FEND – understanding adversary TTPs, attack patterns, and the defensive countermeasures that map to them.
CISA, NIST, SANS, and ENISA – following cybersecurity frameworks, alerts, and threat landscape reports.
Threat intelligence feeds (AlienVault OTX, AbuseIPDB, MISP, VirusTotal, abuse.ch, GreyNoise, and Shodan) – tracking indicators of compromise (IOCs) and emerging threats; check an indicator's confidence and age before alerting on it, since shared IP lists in particular go stale and pick up benign infrastructure.
Security blogs & reports (Krebs on Security, The DFIR Report, FireEye/Mandiant, Palo Alto Unit 42, CrowdStrike, SANS Internet Storm Center) – monitoring real-world cyber incidents and APT group activity.
LinkedIn, GitHub, and X accounts of researchers and vendors – following first-hand reporting.
Capture The Flag (CTF) & red/blue team exercises – platforms like TryHackMe; HackerRank and LeetCode are general programming practice rather than security ranges.
Open-Source Intelligence (OSINT) tools – Maltego, theHarvester, and SpiderFoot for cyber threat investigations.
Vulnerability databases (CVE / NVD).
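The two lists above (SIEM log analysis with ATT&CK mapping, and IOC tracking from feeds such as MISP) come together in a small matcher. The following is an added example written for this cheat sheet, not code from the gist or from the MISP project: it loads a constructed MISP-style JSON event, keeps only attributes flagged `to_ids` (MISP's "suitable for detection" flag), normalizes defanged values, pulls ATT&CK technique IDs out of the MISP galaxy tags, and scans a few constructed log lines for hits. The event, its attributes, the log lines, and the `TYPE_MAP` / regexes are assumptions made for the demo.

```python
"""IOC matching with ATT&CK tagging over sample logs (added example, constructed data)."""
import json
import re
from collections import defaultdict

# Constructed MISP-style event export. Shape follows a MISP JSON export
# (Event -> Attribute[] with type/value/to_ids/Tag[]); all values are invented.
MISP_EVENT_JSON = r'''
{"Event": {
  "info": "Demo phishing campaign (constructed)",
  "Attribute": [
    {"type": "ip-dst", "value": "203.0.113.45", "to_ids": true,
     "Tag": [{"name": "misp-galaxy:mitre-attack-pattern=\"Application Layer Protocol - T1071\""}]},
    {"type": "domain", "value": "update-check[.]example", "to_ids": true,
     "Tag": [{"name": "misp-galaxy:mitre-attack-pattern=\"Phishing - T1566\""}]},
    {"type": "sha256", "value": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
     "to_ids": true, "Tag": []},
    {"type": "ip-dst", "value": "198.51.100.7", "to_ids": false, "Tag": []}
  ]}}
'''

# Constructed key=value log lines (proxy, DNS, EDR). The EDR line carries the hash in upper case.
LOG_LINES = [
    "2025-03-28T06:31:02Z proxy src=10.0.0.14 dst=203.0.113.45 host=update-check.example uri=/cfg.bin status=200",
    "2025-03-28T06:31:05Z dns src=10.0.0.14 query=update-check.example answer=203.0.113.45",
    "2025-03-28T06:32:10Z edr host=WS-014 proc=cfg.exe sha256=0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
    "2025-03-28T06:33:00Z proxy src=10.0.0.22 dst=198.51.100.7 host=intranet.example status=200",
    "2025-03-28T06:34:00Z proxy src=10.0.0.22 dst=192.0.2.9 host=news.example status=200",
]

TECHNIQUE_RE = re.compile(r"\bT\d{4}(?:\.\d{3})?\b")        # T1566 or T1566.001
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:host|query|domain)=([A-Za-z0-9.-]+)")
SHA256_RE = re.compile(r"\b[0-9a-fA-F]{64}\b")
SRC_RE = re.compile(r"\bsrc=(\S+)")

# MISP attribute types -> the observable categories the log extractor produces (assumed subset).
TYPE_MAP = {"ip-dst": "ip", "ip-src": "ip", "domain": "domain", "hostname": "domain", "sha256": "sha256"}


def refang(value: str) -> str:
    """Undo common report defanging so pasted IOCs compare equal to raw log values."""
    v = value.strip().lower()
    v = v.replace("[.]", ".").replace("(.)", ".").replace("{.}", ".")
    return re.sub(r"^hxxps?://", lambda m: m.group(0).replace("hxxp", "http"), v)


def build_ioc_index(misp_json: str) -> dict:
    """Return {category: {value: set(technique_ids)}}, keeping only to_ids=True attributes."""
    index = defaultdict(dict)
    for attr in json.loads(misp_json)["Event"]["Attribute"]:
        cat = TYPE_MAP.get(attr["type"])
        if cat is None or not attr.get("to_ids", False):
            continue  # unknown type, or analyst did not mark it for detection
        techniques = set()
        for tag in attr.get("Tag", []):
            techniques.update(TECHNIQUE_RE.findall(tag["name"]))
        index[cat][refang(attr["value"])] = techniques
    return dict(index)


def extract_observables(line: str) -> list:
    """Pull candidate (category, value) pairs out of one log line, case-normalized."""
    found = [("ip", ip) for ip in IPV4_RE.findall(line)]
    found += [("domain", d.lower()) for d in DOMAIN_RE.findall(line)]
    found += [("sha256", h.lower()) for h in SHA256_RE.findall(line)]
    return found


def scan_logs(lines: list, index: dict) -> list:
    """Return one hit dict per (line, matching IOC), with sorted ATT&CK technique IDs."""
    hits = []
    for n, line in enumerate(lines, start=1):
        for cat, value in extract_observables(line):
            techniques = index.get(cat, {}).get(value)
            if techniques is None:
                continue
            hits.append({"line": n, "type": cat, "ioc": value, "techniques": sorted(techniques)})
    return hits


def techniques_by_source(lines: list, hits: list) -> dict:
    """Aggregate technique IDs per internal source address so triage starts from the host."""
    out = defaultdict(set)
    for h in hits:
        m = SRC_RE.search(lines[h["line"] - 1])
        if m:
            out[m.group(1)].update(h["techniques"])
    return {src: sorted(t) for src, t in out.items()}


def run_demo() -> tuple:
    index = build_ioc_index(MISP_EVENT_JSON)
    hits = scan_logs(LOG_LINES, index)
    return index, hits, techniques_by_source(LOG_LINES, hits)


if __name__ == "__main__":
    _, demo_hits, summary = run_demo()
    for h in demo_hits:
        print(f"line {h['line']}: {h['type']} {h['ioc']} -> {h['techniques'] or 'no technique tag'}")
    print("per-source:", summary)
```

Two details matter in practice. The `to_ids` check is why the 198.51.100.7 attribute never alerts: analysts share context indicators that are not safe to block, and a matcher that ignores the flag turns those into false positives. Refanging and lower-casing on both sides is what lets a hash copied from an EDR console in upper case, or a domain pasted from a report as `update-check[.]example`, still match.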
#===================================================================================================================================