The Garuda Threat Hunting Framework, released at DEF CON 2025, is a PowerShell-based framework designed to simplify manual threat hunting. It allows you to correlate, filter, and investigate Sysmon events efficiently. In this video, I demonstrate how to install Garuda, explore its key features, and perform a step-by-step hunt of a Living-off-the-Land (LoLbin) attack using […]
In this video, we explore how AI enhances threat hunting by integrating Large Language Models (LLMs) with the Garuda Threat Hunting Framework. Garuda is a manual, PowerShell-based threat hunting and investigation framework designed to transform raw Sysmon telemetry into structured, actionable intelligence for Windows environments. It allows you to correlate, filter, and analyze sysmon events […]
In this meet, Monnappa K A delivered presentation on “Reversing and Decrypting Malware Communications” Video Demo 1: Video Demo 2: Video Demo 3: References: http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html
In this meet, Akhil Mahendra delivered presentation on “The Art of Executing JavaScript” Demo: CSP bypass https://www.youtube.com/watch?v=LUtWj3stVlU Demo: angular js xss https://www.youtube.com/watch?v=xecuNPanQJA
Text: Audience Level: Beginner to Medium. Few months back we released our new tool APITacker. The idea behind the tool is more mature than the tool itself. Using APITracker we can hook APIs on large scale from DLLs to track the execution of the sample. APITracker is based on pydbg python debugger. Before we move […]
Video: Text: Audience Level: Internet user, Mid level Analyst Prerequisite: Programming Language Introduction: Obfuscation: https://en.wikipedia.org/wiki/Obfuscation_(software) Infection Method: Malicious documents are mostly delivered through email campaigns. The attacker send the tailored email to the victim with the malicious email attachment or a malicious web link. Once the victim open the malicious document it will download the […]
Video Link: Text: Audience Level: Beginner, Internet user Prerequisite: Python programming language Introduction: In this week I will discuss about the macro analysis since macros are one of the top threat today to compromise/infect the endpoint machines. These days the macro based downloaders download ransomeware, POS malware and other banking trojans so the investigation of […]
In this meet,Monnappa K A presented on “Understanding APT1 malware techniques using malware analysis and reverse engineering” Video Demo : Part 1 – Behavioral Analysis Of APT1 WEBC2-DIV Part 2 – Reverse Engineering APT1 WEBC2-DIV Part 3 – Understanding the WEBC2-DIV Technique – Sleep Part 4 – Understanding the WEBC2-DIV Technique – Download
In this meet, Abhishek J M presented on “Dissecting Android APK” Video Demo :
In this meet, Monnappa K A presented on “Investigating Malware using Memory Forensics” Video Demo: https://youtu.be/C6uUDl0Vc6E