Forum Discussion

Bronze I

5 months ago

Wizard Spider DFIR: Ep.9 – Sigma

The question I'm stuck on is : Modify the rule file "file_event_win_macro_file.yml" to also include ".docm" file types. Convert this rule using Sigmac and use the output within Elastic. How many pot...

Community Manager

5 months ago

Hey gilly32, I know a few people who have completed this lab who might be able to give a help: Carlossus GusC neeemu purplemoon CyberSharpe. Otherwise I'll get one of the team to have a look for you.

Forum Discussion

Wizard Spider DFIR: Ep.9 – Sigma

Featured Places

Help

Related Content

Wizard Spider DFIR: Ep.10 – Demonstrate Your Skills

ImmersiveOne: Scattered Spider Release

tweaks to career paths

Re: Introduction to OWASP ZAP

Re: Terrapoint (Hats off, Immersive Labs)

Recent Discussions

PowerShell Deobfuscation – Challenge 8

Microsoft Sentinel SOAR :Demonstrate your skills

Powershell Deobsfuscation Ep.7

Microsoft Sentinel SOAR: Demonstrate Your Skills

Microsoft Sentinel SOAR: Demonstrate Your Skills Question 11