Threat Hunting Labs
@ThruntingLabs
Followers
645
Following
19
Media
4
Statuses
23
Train on raw telemetry from actual breaches. Investigate malware and reconstruct the kill chain from process creation to exfiltration and beyond.
Joined January 2026
We’ve created a Discord server for Threat Hunting Labs. If you want to stay up to date with platform updates, upcoming changes, and new features, this is where we’ll be sharing them first. We’ll also be discussing threat hunting techniques, investigations, and you’ll be able to
discord.com
Check out the Threat Hunting Labs community on Discord - hang out with 25 other members and enjoy free voice and text chat.
0
7
46
Funniest investigation of the week: Attacker logs in as admin → Opens the browser → Googles how to uninstall tools → Downloads a cracked Russian copy of "Revo Uninstaller" with an activation key → Installs it → Then uninstalls the tools they just used 🤦 😂 💀 The whole
2
27
273
Watch me get started with the platform and the highlights of me stumbling through the "Flash Hunt: NightShade C2 Multi-Stage Infection". @Kostastsale and the @ThruntingLabs team built something supremely useful and special if you are looking to train on real breaches.
Introducing Threat Hunting Labs. A training platform focused on realistic intrusion investigations. Start from an alert, analyze real telemetry, and work through structured investigation paths. Built for threat hunters, incident responders, and detection engineers. More
1
7
33
Introducing Threat Hunting Labs. A training platform focused on realistic intrusion investigations. Start from an alert, analyze real telemetry, and work through structured investigation paths. Built for threat hunters, incident responders, and detection engineers. More
threathuntinglabs.com
Hunt real intrusions. Learn to think like a threat hunter.
1
23
115
If true, this is VERY interesting! Iranian APT using deno for second stage execution. We caught this intrusion and will be making the data available in our Threat Hunting Labs that will be released next week! - @ThruntingLabs
@1ZRR4H @Kostastsale @ffforward @vxunderground After that detection from Microsoft, now @threatintel also connects the same Deno using malware samples to MuddyWater APT... Also in the same article, they suggest that some "Donald Gay" signed samples we have seen in recent weeks are also related to MuddyWater... 🤷♂️
0
8
56
The beta phase for Threat Hunting Labs is now closed. Huge thank you to everyone who tested the platform and provided feedback. Your input helped shape what the platform is today. We are now preparing for the official launch next week. As a thank you, everyone who participated
1
3
33
Big thank you to everyone who shared feedback 🙏 We’ve just rolled out a major upgrade based entirely on what you told us. The new experience is now live, with quality of life improvements across the platform to make investigations smoother and more enjoyable. We’ve also
1
1
13
If you have an invite for the beta of Threat Hunting Labs, you will get to investigate a full intrusion based on Odyssey macOS malware!
Good deep dive into Odyssey macOS Stealer. 🔎 🧬Lineage stays consistent: #AMOS → #Poseidon → #Odyssey 🧩 More context around the attack chain, infrastructure, and affiliate model helps complete the bigger picture: 📎 https://t.co/IA06FPXmo4
2
5
35
New update: The Malware Analysis Workspace is ready for the next wave of invites. 🌊 Features integrated - REMnux terminals, visual decision trees for infection chains, and structured analysis guides. Those who provide feedback will get a massive discount at launch!
8
12
127
We invited the first 150 users who signed up for early access. All invitees receive free credits to go through the investigations we currently have in beta. Great feedback so far!🙏 We will invite the second wave early next week! Thank you to everyone who is providing feedback!
2
2
13