Threat KB

ThreatRecon.io Threat KB pages are educational and defensive summaries for static triage, detection engineering, and analyst workflow support.

The analyzer does not attribute submitted artifacts to families or actors. Treat these notes as context for human review.

Each starter writeup includes behavior notes, MITRE ATT&CK mapping, IOC placeholders, detection opportunities, and defensive recommendations.

• LockBit Defensive Triage Notes
• RedLine Stealer Defensive Triage Notes
• QakBot Defensive Triage Notes
• AsyncRAT Defensive Triage Notes
• Emotet Defensive Triage Notes