Introducing ArTHIR –ATT&CK Remote Threat Hunting Incident Response Windows tool presented at BSidesOklahoma 2019

by Michael Gough,

Summary : ArTHIR is a modular framework that can be used remotely against one, or many target systems to perform Threat Hunting, Incident Response, compromise assessments, configuration, containment, and any other activities you can conjure up utilizing built-in PowerShell (any version), or binary & (WinRM).