hack.lu 2023

Kunai workshop: your new Threat Hunting tool for Linux
2023-10-18 , Hollenfels

Linux is an open-source OS; however, performing Threat Hunting on Linux using open-source software (OSS) is not easy, as only a few tools are available and maintained. A port of the well-known Sysmon tool, originally developed for MS Windows, has been made for Linux, but it suffers from several issues. In this presentation, I will introduce a brand-new open-source tool I have been working on for several months. This tool aims to be a Sysmon alternative for Linux and provides several features that Sysmon does not offer.


This workshop aims to introduce the community to Kunai, a new Threat Hunting tool designed specifically for Linux systems, and complements the hack.lu talk of the same name.

Quentin worked as an incident responder for several years before focusing on endpoint threat detection. He recently dedicated all his time to developing several open-source projects. His main topics of interest range from threat detection to bug hunting, but what he likes most is developing tools and open-sourcing them when he judges them relevant enough to do so.
