Introducing DeepBlueCLI - A PowerShell Module for Hunt Teaming via Windows Event Logs

Explore DeepBlueCLI, a PowerShell module designed for hunt teaming through Windows event logs, in this 49-minute conference talk from Derbycon 2016. The talk covers the evolution of attacker payloads, common client environments, and the key indicators to monitor in Windows event logs. Learn about logging new process creation events, script-writing techniques, and the design considerations behind the tool. Examine use cases for DeepBlueCLI, including detecting activity from Metasploit, credential hash dumping, and attacks on modern systems. Discover how to detect obfuscation attempts and what the next steps for implementation are. The talk concludes with a practical demonstration of DeepBlueCLI's capabilities for Windows event log analysis in support of threat detection and response.