Host Exploitation and Forensic Analysis
by Coleman Kane
The following lectures cover the bulk of forensic analysis and host exploitation (attack simulation):
- Building an Attack
- Using Metasploit and Pupy RAT
- Static Analysis of Compromised Host
- Analysis Exercise
The first two lectures demonstrate using some common offensive tools to compromise a VM. In particular, the Pupy RAT malware is both open source and alleged to be used by many countries’ intelligence services for cyber espionage, making it a great real-world candidate for analysis.
The last two modules cover analysis of VMs, and the final one is a follow-along exercise.
tags: pupy lecture forensics metasploit plaso autoruns mft2csv dynamic pdf run-time-analysis sysmon procmon volatility winpmem virtualbox vm