Workshop: Learning YARA from Scratch
Friday, November 18, 2022
05:00 PM - 09:30 PM
Beatty Center
College of Charleston School of Business, 5 Liberty St, Charleston, SC 29401, USA
Learning YARA from Scratch
Instructor: Sean Sabo
Duration: 4 Hours
Workshop Description:
"Learning YARA From Scratch" is a workshop covering YARA rule writing basics and some intermediate-level material. YARA is a tool whose motto is the "pattern matching Swiss knife" which enables defenders and threat researchers to write custom file-based signatures to root out malware. The workshop will cover how to use loops and iterators in addition to various string types and modifiers that YARA makes available to the rule developer. Tips on how to debug rules and write efficient rules are included. By the end of the workshop, the attendee should be able to "hunt for badness" using YARA rules.
Class Requirements:
- Laptop
- VS Code
- SSH Connection
About the Instructor:
Sean is a cyber security professional with over 10 years of experience. For the last 5 years, he has been reverse-engineering malware and tracking various APT groups. He enjoys writing YARA rules and has contributed to the YARA code base. He currently works as a Senior Cyber Security Researcher at Recorded Future. Prior to that, he was at ThreatConnect and on the ASERT team at Arbor Networks.
Ticket Sales Ended
No tickets are available for this event.