Join us at hack.lu 2025 – Info & Registration
Duration: 120 min
Type: Training
Speakers: Quentin JEROME
Abstract
In this workshop, participants will learn everything they need to know to install Kunai and start monitoring their Linux environment to spot attackers or simply for fun.
In the first part, we will cover all the essential information about Kunai. This will include a quick walkthrough of the Kunai documentation, explaining what participants can expect from this tool. Simultaneously, we will conduct exercises to help participants become familiar with the tool, its command line, and configuration file.
In the second part, we will run exercises showcasing more advanced Kunai usage. This will include building custom detection rules to detect specific anomalies or malware, learning how to load Indicators of Compromise (IoCs) into the detection engine, and how to integrate Kunai with your favorite MISP instance. If time allows, we will also cover additional advanced topics.
Description
Part 1: Introduction to Kunai
- Essential Information: Cover all the essential information about Kunai.
- Documentation Walkthrough: Quick walkthrough of the Kunai documentation, explaining what participants can expect from this tool.
- Hands-on Exercises: Conduct exercises to help participants become familiar with the tool, its command line, and configuration file.
Part 2: Advanced Kunai Usage
- Custom Detection Rules: Building custom detection rules to detect specific anomalies or malware.
- Indicators of Compromise (IoCs): Learning how to load IoCs into the detection engine.
- Integration with MISP: How to integrate Kunai with your favorite MISP instance.
- Additional Topics: If time allows, we will also cover additional advanced topics.