Analyzing Data

• Base64 Decoding and Unpacking
  • Base64 decode an input string
  • Using a DataFrame as input
  • Interpreting the DataFrame output
  • Decoding Nested Base64/Archives
  • IPython magic
  • Pandas Extension
• IoC Extraction
  • Looking for IoC in a String
  • Using a DataFrame as Input
  • IoCExtractor API
  • Predefined Regex Patterns
  • Adding your own pattern(s)
  • Merging output with source data
  • IPython magic
  • Pandas Extension
• Event Clustering
  • Processes on Host - Clustering
  • Host Logons
• Anomalous Sessions
  • Creating the Sessions
  • Model the sessions
  • Visualise the Modelled Sessions
  • Other Log Types + KQL
• Pivot Functions
  • What are Pivot Functions?
  • What is “Pivoting”?
  • Getting started
  • Initializing the Pivot library
  • Running a pivot function
  • Data query pivot functions
  • Threat Intelligence lookups
  • A pandas processing pipeline with pivot functions
  • Customizing and managing Pivots