Modern Malware Analysis
This lab supports the DEFCON30 workshop, The Art of Modern Malware Analysis. It is meant to be be paired with the content provided in the LAB FILES and the in class instruction provided at DEFCON30.
Terms and conditions apply.
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Malware as a Service
This section teaches students how to gather basic sample information and utilize open-source threat intelligence sharing platforms to gain deeper understanding about their sample, such as strings and hashes and sources like Abuse.ch and Triage.
Malware C2 Behavior
Better understand HTTP C2 IOCs by creating working C2 capabilities yourself.
Cobalt Strike Beacon
This challenge will include analysis of the world’s #1 C2 infrastructure: Cobalt Strike (CS). You will break down the CS infrastructure, show how Malleable C2 profiles function, and learn how to extract and analyze profile configurations from script- and PE-based payloads alike.
The Last Challenge
Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
- Cyber security basic concepts
- Foundational Networking Concepts
- A basic understand of Malware Analysis