richnadeau / OSQuery-Training-Course


Hunting Mespinoza/Pysa #2

Closed richnadeau closed 2 years ago

richnadeau commented 2 years ago

Good progress made on this so far. Four queries have been created to show evidence of Pysa being run on the Windows system. Next, I have to make svchost.exe run in a temporary Windows directory so I can demonstrate a query detecting it to the class and for the lesson. I also want to look into trying to get Windows Event Logs and try to get that working (no luck so far). Docs for what I have done can be found here.

richnadeau commented 2 years ago

Also need to find out how to combine all my queries into one so that they can be an artifact.
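Added example (not from the issue author or the course repository): an osquery query pack that combines the two points above, a query for svchost.exe running from somewhere other than its normal location and the packaging of such queries into one artifact. Pack and query names, the 60-second interval and the two paths treated as legitimate (System32 and SysWOW64) are assumptions based on a standard Windows layout; the `authenticode` join only works on the Windows build of osquery, and a parent that has already exited leaves `parent_name` NULL, in which case only the path test can fire.

```json
{
  "platform": "windows",
  "version": "5.0.0",
  "queries": {
    "svchost_outside_system32": {
      "query": "SELECT p.pid, p.path, p.cmdline, p.parent, pp.name AS parent_name, pp.path AS parent_path, a.result AS signature FROM processes p LEFT JOIN processes pp ON pp.pid = p.parent LEFT JOIN authenticode a ON a.path = p.path WHERE LOWER(p.name) = 'svchost.exe' AND (LOWER(p.path) NOT IN ('c:\\windows\\system32\\svchost.exe', 'c:\\windows\\syswow64\\svchost.exe') OR LOWER(pp.name) != 'services.exe');",
      "interval": 60,
      "platform": "windows",
      "description": "svchost.exe started from an unexpected path (e.g. a temp directory) or by a parent other than services.exe; includes the Authenticode verdict for the on-disk binary.",
      "snapshot": false
    }
  }
}
```

Each additional hunting query goes in as another entry under `queries`, so the whole set ships as one pack file that is loaded with `--pack_delimiter`/`packs` in the osquery config; with `snapshot` left false, only rows that appear or disappear between runs are logged, which is what you want for a scheduled detection rather than an inventory.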

richnadeau commented 2 years ago

This was completed and website was updated on Sunday.