eql

Resources

Blogs

  • EQL Threat Hunting
  • Ransomware, interrupted: Sodinokibi and the supply chain
  • Detecting Adversary Tradecraft with Image Load Event Logging and EQL
  • EQL’s Highway to Shell
  • Getting Started with EQL
  • EQL For the Masses
  • Introducing EQL

Presentations

  • BSides DFW 2019: ATT&CKing Koadic with EQL (slides)
  • BlackHat 2019: Fantastic Red-Team Attacks and How to Find Them (slides, blog)
  • BSides SATX 2019: The Hunter Games: How to Find the Adversary with EQL (slides)
  • Circle City Con 2019: The Hunter Games: How to Find the Adversary with EQL (slides)
  • Atomic Friday: Endgame on EQL (slides, notebook)
  • MITRE ATT&CKcon: From Technique to Detection

Additional Resources

  • Event Query Language (docs, code, twitter)
  • EQL Analytics Library (docs, code)

© Copyright 2018, Endgame Revision 0bd4bd31.
