Skip to content
Resolvn Threat Hunting Virtual Machine
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


The Resolvn Threat Hunting Virtual Machine (RTHVM) is a training resource used during a 2019 Packet Hacking Village workshop titled Intel-driven Hunts for Nation-state Activity Using Elastic SIEM.

In this workshop, participants analyzed Windows event logs of known malicious activity from various stages of the attack lifecycle. With key indicators identified, participants built Elastic SIEM Timelines for repeatable detection of MITRE ATT&CK techniques.

Workshop Slides
Virtual Machine

You can’t perform that action at this time.