Def Con 919 Presents – October Meeting – Forensic Intro
ALL levels of experience, skill, and interest are welcome and encouraged to join us. You do not have to be a “hacker” to attend.
Ever wondered what it is like being a security analyst? Here is your chance. DC919 will be hosting an exciting 4-hour class taught by @Mr_Forensics and @S3curityN. This class will arm students with the knowledge needed to identify malicious threats and characterize their behavior.
This class is open to anyone that would like to participate or observe. If planning to participate in the hands-on learning objectives, please ensure to follow the preparation instructions below. Phishing & malicious spam attacks continue to pose a significant risk in today’s cyber threat landscape. Using forensic and malware analysis fundamentals, this class is designed to teach students how to analyze malicious downloaders, phishing emails & malicious spam.
Upon successful class completion, students will be able to:
– Build analysis skills that leverage complex scenarios and improve comprehension.
– Demonstrate an understanding of forensic fundamentals used to analyze an email.
– Use open-source information to collect and analyze threat actor data; identify indicators of compromise, and demonstrate how to pivot on that information.
– Demonstrate how to analyze a malicious downloader; to include but not limited to debugging and deobfuscation.
– Participate in a hand to keyboard combat capstone. Students will be given a malicious sample and demonstrate how to analyze.
***Download & Class Preparation***
Download Instructions: Please read all instructions (Part 1 & Part 2) very carefully before starting
This class assumes the student to have prior knowledge of setting up a virtual machine. If you are new to working with virtual machines, the instructors strongly recommend that you first observe the class. If you observe during the course and wish to continue the exercises afterward, the classroom instructors will arrange a special one on one review; at the student’s request.
Part 1: Virtual Machine Downloads
– Goal: Download two virtual machines and prepare for class.
– Download Links: Only download one link that meets your preference. See Option#1 and Option#2 below.
If you plan to use VirtualBox during the class, please download and follow the PDF instruction: https://www.dropbox.com/s/w8rks0mlesn3pkn/Oracle%20VirtualBox%20Import%20Instructions.pdf?dl=0
If you plan to use Vmware Workstation during the class, please download and follow the PDF instruction:
Part 2: Account Registration and Classroom file download
– Goal: Download remaining classroom material needed for class and register for two accounts. See sections 1 through 3 below.
– Download & Registration Links:
2. Register for a free VirusTotal Account.
3. Register for free Risk IQ Account.
**********File Hash Reference **********
The following are sha256 file hashes for all virtual machines:
Sunday, October 13, 2 PM
• 2 PM Forensic Introduction
• 6 PM Open Discussion at Raleigh Times Bar