Yara Wizards

Yara Wizards is a blue team lab in the Detection Engineering category. It covers the following tools: Detect It Easy, YARA, FLOSS/Strings, Notepad++, ProcMon, Process Explorer, Process Hacker and YaraValidator, and the following MITRE ATT&CK tactics: Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Command and Control and Impact.

Learning Objectives

Analyze malware behavior and develop YARA rules for proactive detection by identifying packing methods, entropy levels, and execution patterns.
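The rule below is an added example, not part of the lab's own material, of what "packing methods, entropy levels and execution patterns" look like once they are written down as a YARA rule. It combines three independent indicators: the standard UPX0/UPX1 section names, a section whose raw data has near-random entropy, and an import table that is tiny but still contains the memory-mapping APIs an unpacking stub needs. The rule name, the 7.0 bits-per-byte entropy threshold and the import-count cutoff are assumptions chosen for illustration, not values taken from the lab.

```yara
import "pe"
import "math"

rule Packed_PE_Indicators
{
    meta:
        description = "Added example (not from the lab): PE file carrying packer indicators"

    strings:
        // Section names written by the UPX packer
        $upx0 = "UPX0" ascii
        $upx1 = "UPX1" ascii

    condition:
        pe.is_pe and
        (
            // 1. Known packer section names
            any of ($upx*) or

            // 2. At least one section whose raw bytes are close to random.
            //    7.0 bits/byte is an assumed threshold; compressed or
            //    encrypted payloads usually sit above it, plain code below.
            for any i in (0 .. pe.number_of_sections - 1) : (
                pe.sections[i].raw_data_size > 0 and
                math.entropy(pe.sections[i].raw_data_offset,
                             pe.sections[i].raw_data_size) > 7.0
            ) or

            // 3. Execution pattern of a decompression stub: almost no imports,
            //    but the APIs needed to map and run the real payload.
            //    The cutoff of 2 imported DLLs is an assumption.
            (
                pe.number_of_imports <= 2 and
                pe.imports("kernel32.dll", "VirtualAlloc") and
                pe.imports("kernel32.dll", "VirtualProtect")
            )
        )
}
```

Run it over a sample directory with `yara -r packed_pe.yar samples/`, and check the rule compiles cleanly with YaraValidator before deploying it. Each of the three branches is a triage signal rather than a conviction: legitimately compressed resources, installers and signed binaries also produce high-entropy sections, so tune the threshold against a clean set and pair this rule with behavioural evidence from ProcMon or Process Explorer before treating a hit as malware.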

Categories: Detection Engineering.

MITRE ATT&CK Tactics: Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Command and Control, Impact.

Tools: Detect It Easy, YARA, FLOSS/Strings, Notepad++, ProcMon, Process Explorer, Process Hacker, YaraValidator.

Difficulty: medium.