Jean-Pierre GARNIER
Driverless and userland Live Forensic with Event Tracing for Windows (ETW) to track suspicious…
Analysis should not rely only on beautiful dashboards on your SIEM
Jul 3, 2021

Jean-Pierre GARNIER
Golang for computer security — Building an EDR #Part3 — Registry and Startup folder persistence…
When we talk about detecting malware on a compromised system, it is most often a question of looking at the most representative behaviours…
Feb 8, 2021

Jean-Pierre GARNIER
Golang for computer security — Building an EDR #Part2 — YARA rules
In case you missed the first part of this series, it was to illustrate how to use Go to read the memory of Windows processes. With the…
Jan 6, 2021

Jean-Pierre GARNIER
Golang for computer security — Building an EDR #Part1 — processes memory
Despite all the difficulties of 2020, I enjoy learning new things every day and that’s why I decided to learn Go this year. What could be…
Jan 2, 2021