LAB: Windows DLL anomaly detection script in Python

New post out at https://guppysecurity.com/windows-dll-anomaly-detection-script/. Check it out to learn about DLLs and why detecting anomalies in the DLLs loaded by your running processes is a good idea.

In this LAB you will create a Python script that will be able to

• List the DLLs loaded by all running processes

• Verify the signers of the DLLs

• Verify the validity of the DLLs’ certificates

• Identify anomalies in the list of loaded DLLs