You don’t need a desk to build.
I used AI more from my phone last month than from my desk. What mattered was removing friction and building where ideas show up.
👉 New on @thorcollective.bsky.social Dispatch:
dispatch.thorcollective.com/p/you-dont-n...
“I’m not a developer” is a self-imposed limit.
If you’ve written a query, a script, or an automation to fix a problem, you’re already building.
In the latest @thorcollective.bsky.social Dispatch, we talk about why building is a core security skill.
dispatch.thorcollective.com/p/why-you-sh...
🚨New post on @THOR_Collective Dispatch🚨
“Aligning Risk Management and Threat-Informed Defense Practices (Part 2)” by Micah VanFossen
What happens when you sync risk, controls, and threat intel to drive real-security outcomes.
dispatch.thorcollective.com/p/aligning-r...
#thrunting #grc
🚨New post on @THOR_Collective Dispatch🚨
Purple teaming isn’t shiny. It’s delays, blockers, tickets & pivots. And that’s okay.
open.substack.com/pub/thorcoll...
#thrunting #PurpleTeaming
🚨New post on @THOR_Collective Dispatch🚨
Meet Sliver Armory BOFs. Tiny in-memory payloads you run from a beacon to test technique-based detections, not filenames. Cleaner telemetry, repeatable tests, real thrunting value. Read here: dispatch.thorcollective.com/p/sliver-bof...
In this week’s @thorcollective.bsky.social Dispatch, Sam Hanson lays out how to move beyond indicator-based hunting and build detection muscle that actually scales.
👉 dispatch.thorcollective.com/p/hunting-be...
If tstats gives you speed and eventstats gives you context...timechart gives you shape.
This week’s @thorcollective.bsky.social SPL Dispatch breaks down how to use timechart to uncover rhythm, automation, and the a cron job masquerading as “normal.”
dispatch.thorcollective.com/p/the-shape-...
Threat hunting falls apart when your “docs” live in Slack threads.
Part 2 of the @thorcollective.bsky.social Dispatch Agentic Threat Hunting series covers the first step to scaling: put your hunts in a GitHub repo and give your AI bestie memory.
dispatch.thorcollective.com/p/agentic-th...
From temporal to behavioral, baselines are the thrunter’s compass. September’s Dispatch from @thorcollective.bsky.social shows how to use them to sharpen the hunt and includes ten baseline hunts you should be running now.
🔗 dispatch.thorcollective.com/p/dispatch-d...
You can’t find weird if you don’t know normal.
@thorcollective.bsky.social
just dropped 10 baseline hunts you can shine in the dark parts of your env and magnify the adversaries from the noise.
Join us for all the thrunting 👉: open.substack.com/pub/thorcoll...
#threathunting #infosec
Cybersecurity needs more than hackers in hoodies.
In this week’s @thorcollective.bsky.social Dispatch, Courtney Shar shares how project management skills like risk alignment, process design, and team coordination directly strengthen security programs.
👉 dispatch.thorcollective.com/p/beyond-hac...
🚨 Think your browser extensions are harmless?
Join @johntuckner.me for @thorcollective.bsky.social
and learn how to hunt the dangerous ones before they hunt you:
thorcollective.substack.com/p/even-if-ma...
#cybersecurity #infosec #threathunting #thrunting
🚨New post on @thorcollective.bsky.social Dispatch 🚨
Certis Foster didn't hunt for it.
It revealed itself.
The key? Plotting behavior in 3D space:
🕒 Time
🗺️ Terrain
🎯 Behavior
Outliers can’t hide in 3D.
dispatch.thorcollective.com/p/cant-hide-...
#threathunting #thrunting #THORcollective
If you don’t know what “normal” looks like in your environment, you’re not hunting...you’re hoping.
Our latest @thorcollective.bsky.social Dispatch post breaks down 5 baselines every thrunter needs.
Map normal. Track drift. Catch threats.
Read here: dispatch.thorcollective.com/p/you-cant-f...
Summertime sadness hit the Dispatch hard: sunscreen > screen time. 🌞
But the hunts never stopped, and this month we’re back with fresh chaos, AI wisdom, and a noob’s-eye view of DEF CON.
👉 Catch the @thorcollective.bsky.social August Dispatch: dispatch.thorcollective.com/p/dispatch-d...
The Quiet War isn’t loud breaches or ransomware. It’s subtle. AI-driven adversaries are blending in and evading detection.
Hunters must shift: hunt intent, not just indicators.
👉 New guest post by Damien Lewke on @thorcollective.bsky.social Dispatch: dispatch.thorcollective.com/p/the-quiet-...
What happens when you throw yourself into DEFCON for the very first time? You get Line Con, Noob Village wisdom, hacker merch battles, Flipper Zero impulse buys, Hacker Jeopardy chaos, and the realization that DEFCON is not just a con, it is a community.
dispatch.thorcollective.com/p/my-first-d...
Shoutout to our fam Elipscion, who's spinning live at DEF CON 33 this Friday at 8pm on the DEF CON stage.
🎧 Listen here: open.spotify.com/artist/2tgPZ...
🔥 Join our @thorcollective.bsky.social meetup during his set. Say hi, talk hunts, and grab some free swag. See you there!
Threat hunting is broken.
We can’t out-query adversaries who automate everything.
Enter the agentic threat hunter. An AI that thinks, hypothesizes, investigates, and scales.
In the latest @thorcollective.bsky.social Dispatch, we explore this shift:
📌 dispatch.thorcollective.com/p/the-agenti...
Heading to hacker summer camp?
I wrote a survival guide for DEF CON, Black Hat, etc.
- Pick your purpose
- Villages > talks
- Hallway track is real
- You belong here
👽 dispatch.thorcollective.com/p/con-101-ho...
@thorcollective.bsky.social will be out there with thrunting stickers—come say hi.
🚨New post on @thorcollective.bsky.social Dispatch🚨
Tired of getting ignored after dropping a valid XSS vuln?
Stop showing alert(1) pop-ups & start stealing sessions.
Make it real. Bring a bit of pain.
Read it here 👉 open.substack.com/pub/thorcoll...
New from @thorcollective.bsky.social Dispatch: If You Like It Then You Should’ve Put a timechart on It
We’re diving into why timechart is a threat hunter’s best friend. From beaconing to privilege spikes, baselines, and more.
Read it here 👉 dispatch.thorcollective.com/p/if-you-lik...
THRUNTING isn’t just a buzzword. It’s a mindset. 🐑
Inspired by Tim Peters’ 19 aphorisms for Python, @thorcollective.bsky.social Dispatch introduces "The Zen of Thrunting."
dispatch.thorcollective.com/p/the-zen-of...
Stay curious. Happy thrunting.
Dispatch Debrief: June 2025
Everything’s fine… until it isn’t.
This month’s @thorcollective.bsky.social Dispatch served up a spicy mix of threat hunting, plugin paranoia, purple teaming insights, and a few thrunting curveballs to keep you sharp.
🌶️ dispatch.thorcollective.com/p/dispatch-d...
🔌 That browser extension? That IDE plugin? Might not be doing what you think.
New on @thorcollective.bsky.social Dispatch: five hunt ideas + a PEAK deep dive into sneaky plugin abuse.
Start with visibility. Hunt what blends in.
📖 dispatch.thorcollective.com/p/your-plugi...
New guest post on thorcollective.bsky.social Dispatch from infosecsherpa.bsky.social:
Don’t Let Mis(s) Information Take the Crown 👑
This post shows how to apply the Intelligence Cycle to news and help you filter bias.
Read it here: dispatch.thorcollective.com/p/dont-let-m...
⚡ New @thorcollective.bsky.social Dispatch drop
No hallucinations here. Just TTPs that quietly defined Q1 2025.
🔐 OAuth abuse
📦 Malicious packages
🖥️ SimpleHelp RMM exploits
Stay ahead with what to hunt & where to look.
👉 dispatch.thorcollective.com/p/from-the-f...
#THORCollective
#threathunting
🚨 New post on @thorcollective.bsky.social Dispatch🚨
Red with Benefits: Purple Teaming with Sliver Beacons
Sliver isn’t just for flexing during pentests, it’s your new favorite detection engineering wingman.
👇
dispatch.thorcollective.com/p/red-with-b...
The May Dispatch is live.
Fresh insights from @thorcollective.bsky.social and guest contributors on detection in depth, AI in the SOC, career overlaps, and making your hunts actually matter.
Plus memes. Obviously.
👉 dispatch.thorcollective.com/p/dispatch-d...
✨ New THOR Collective post ✨
Introducing Threat Hunting Relevancy Factors (THRF!) These factors can help you create relevant hunts and tangible impact for your organization. Show your business that you mean bzns. 📈
Join us at 👉: dispatch.thorcollective.com/p/threat-hun...
#threathunting
