ThreatScroll is a personal repository curated and maintained by Yamilet Cruz (@Yamilithia), focused on technical analysis, intelligence documentation, and practical resources in the field of Cyber Threat Intelligence (CTI). It reflects ongoing work related to threat research, vulnerability insights, detection engineering, and knowledge sharing across security teams.
This repository includes:
- Threat Investigations – Technical reports on real or simulated campaigns, structured using the MITRE ATT&CK framework.
- KQL Hunting Queries – Advanced hunting rules for Microsoft Defender and Sentinel, mapped to specific TTPs.
- CTI Utility Scripts – Lightweight scripts or snippets to extract, process, or correlate threat data (Python, Bash, etc.).
- Curated IOCs – Structured lists of indicators of compromise in CSV/JSON formats, ready for enrichment and detection use.
- Vulnerability Briefings – Summaries and actionable breakdowns of vendor advisories (Microsoft, Cisco, etc.) with practical recommendations for prioritization.
- hunting-queries – KQL queries for Defender and Sentinel.
- investigations – Threat investigations with MITRE ATT&CK mapping and IOCs.
- vuln-briefings – Vendor vulnerability analysis.
- threat-reports – Formal PDF/MD reports.
Hi! I'm a cybersecurity professional from the Dominican Republic with a focus on Threat Intelligence and Vulnerability Management. I specialize in:
- Analyzing threat actor activity and real-world campaigns.
- Mapping TTPs using the MITRE ATT&CK framework.
- Developing threat-informed hunting queries and detection logic.
- Interpreting vendor vulnerability bulletins to support remediation decisions.
This repository is a reflection of my technical work and continuous learning. It also aims to contribute to the community by sharing curated content and actionable insights for defenders, analysts, and incident response teams.
If you'd like to collaborate, give feedback, or discuss anything related to Threat Intelligence or cybersecurity, feel free to reach out:
- 🌐 LinkedIn: www.linkedin.com/in/yamilet-cruz
- 📧 Email: yamilithia@gmail.com
Built with curiosity, discipline, and a lot of coffee.
By Yamilet Cruz – Threat Intelligence & Vulnerability Specialist