Archive - THOR Collective Dispatch

Dispatch Debrief: October 2025

Seven Dispatch drops that prove hunting smarter beats hunting harder.

Oct 30 •

From the Fire: Q3FY25

Living off the land, hiding in plain sight, and outsmarting controls.

Oct 23 •

Aligning Risk Management and Threat-Informed Defense Practices (Part 1)

Cybersecurity is a complex field full of unique, specialized disciplines.

Oct 16 •

Micah VanFossen

Sliver Armory in Action: Bringing Sliver Armory BOFs to Purple Teaming

When I first wrote about Sliver beacons in purple teaming, the point was simple: implants aren’t just red-team toys, they’re teaching tools for…

Oct 14 •

Hunting Beyond Indicators

Indicators of Compromise (IOCs) are a powerful tool for security analysts and researchers to identify, track, and discover threat actor infrastructure…

Oct 9 •

The Shape of Time: Mastering timechart

SPL Dispatch #3 - 10/07/2025

Oct 7 •

Agentic Threat Hunting, Part 2: Starting a Hunt Repo

The first trick to scaling hunting? Give your AI a treat: a repo.

Oct 2 •

Ask-a-Thrunt3r: September 2025 Recap 🐏

Mainly ramblings. And maybe some wisdom.

Oct 1 •

,

, and

48:31

September 2025

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts