A common misconception about threat hunting is that its purpose is to surface adversaries hiding in your environment. That's one possible outcome, and in a healthy program, it's the rarest of the three.
Parser for the Windows 11 Start Menu's CBS subsystem. Extracts forensic artifacts from the MicrosoftWindows.Client.CBS package: Start Menu search history, cached Bing queries, and application launch counts.