Ricardo Dias

icon indicating a website link https://twitter.com/hxnoyd

icon location Portugal icon location #ThreatHunter #DFIR #ATT&CK #SIEM #YARA #Python

Results 4 comments of Ricardo Dias

Extending data dictionaries?

Hi @nicolasreich. First of all, sorry for the late reply. So far we have developed data dictionaries as independent document, as close as possible to the raw events produced by...

Extending data dictionaries?

Hi @nicolasreich. Thanks for the detailed explanation, it is now more clear what you mean by 'extending', in a nutshell: deconstruct data dictionaries depending on the field prevalence, to avoid...

pehash function integration in pe module

Thanks for the correction Wesley. Looking forward to try pehash Yara rules.

pehash function integration in pe module

Thanks for the feedback!