eql

Resources

Blogs

  • EQL Threat Hunting
  • Ransomware, interrupted: Sodinokibi and the supply chain
  • Detecting Adversary Tradecraft with Image Load Event Logging and EQL
  • EQL’s Highway to Shell
  • Getting Started with EQL
  • EQL For the Masses
  • Introducing EQL

Presentations

  • BSides DFW 2019: ATT&CKing Koadic with EQL (slides)
  • BlackHat 2019: Fantastic Red-Team Attacks and How to Find Them (slides, blog)
  • BSides SATX 2019: The Hunter Games: How to Find the Adversary with EQL (slides)
  • Circle City Con 2019: The Hunter Games: How to Find the Adversary with EQL (slides)
  • Atomic Friday: Endgame on EQL (slides, notebook)
  • MITRE ATT&CKcon: From Technique to Detection

Additional Resources

  • Event Query Language (docs, code, twitter)
  • EQL Analytics Library (docs, code)

© Copyright 2018, Endgame Revision 5b57dab9.
