Eric’s Substack
Introduction to YARA
The Swiss-army knife of malware detection.
Mar 11 • Eric Capuano
December 2024
The Role of Fuzzy Hashes in Security Operations
Enhancing Malware Analysis with Similarity-Based Hashing Techniques
Dec 19, 2024 • Eric Capuano
October 2024
Atomic & Stateful Detection Rules
Harnessing the Power of Precision and Context in Detection Engineering
Oct 14, 2024 • Eric Capuano
April 2024
Prefetch Analysis Lab
Analyze evidence of execution artifacts from a data breach investigation.
Apr 29, 2024 • Eric Capuano
November 2023
So you want to be a SOC Analyst? 2.0
A revamp of the original SYWTBSA blog series, made much easier with cloud-hosted VMs. All you need is a web browser!
Nov 3, 2023 • Eric Capuano
October 2023
Threat Hunting with Velociraptor - Long Tail Analysis Lab
Leverage "rarity" in Velociraptor hunts to identify outliers with a hands-on lab using data generated from 10 systems, one of which is compromised.
Oct 28, 2023 • Eric Capuano
May 2023
VMware Memory Analysis with MemProcFS
A lab guide for analyzing an infected memory image of a running VMware system with MemProcFS.
May 27, 2023 • Eric Capuano
April 2023
Capturing & Parsing Forensic Triage Acquisitions for Investigation Timelining
This guide will walk you through capturing and processing triage acquisitions into forensic timelines, step-by-step, with a VM containing all needed…
Apr 12, 2023 • Eric Capuano
March 2023
Find Threats in Event Logs with Hayabusa
A powerful technique for finding threats in Windows event logs.
Mar 21, 2023 • Eric Capuano
A "Thank You" to Paid Subscribers
I sincerely want to thank those of you that are supporting this blog. Here are some resources just for you.
Mar 20, 2023 • Eric Capuano
Mounting E01 Forensic Images in Linux
So you want to mount an E01 forensic image? This guide will help.
Mar 10, 2023 • Eric Capuano
Live Incident Response with Velociraptor
A video walk-through of incident handling using the open source Velociraptor agent
Mar 3, 2023 • Eric Capuano