Detection Engineering - YARA and its Ecosystems 15
- Part 1 - Getting started with YARA and Windows PE Files
- Part 2 - Extracting Artifacts from Windows PE files
- Part 3 - YARA Rule Engineering and Key Modules.
- Part 4.1 - Hunting for files with Stolen code-signing Cert.
- Part 4.2 - Hunting for Web Shells deployed on Servers.
- Part 4.3 - Hunting for files with Timestamp Anomalies.
- Part 4.4 - Hunting for Packed PE executables.
- Part 4.5 - Hunt for exploitation attempts by analyzing log files.
- Part 4.6 - Hunt for Vulnerable Applications & Endpoints
- Introduction to YARA Ecosystem
- YARA Ecosystem - OSQuery
- YARA Ecosystem - Velociraptor
- YARA Ecosystem - Zeek
- YARA Ecosystem - Python
- Part 6 - Behavioral hunting with VT modules