CS6038/CS5138 Malware Analysis, UC

Course content for UC Malware Analysis

6 April 2021

Host Exploitation and Forensic Analysis

by Coleman Kane

For forensic analysis and host exploitation (attack simulation), here are lectures covering the bulk of this topic:

The first two lectures demonstrate using some common offensive tools to compromise a VM. In particular, the PupyRAT malware is both open source and alleged to be used by many countries’ intelligence services for cyber espionage, making it a great real-world candidate for analysis.

The remaining two modules cover forensic analysis of the compromised VMs; the last of these is a follow-along exercise.


tags: pupy lecture forensics metasploit plaso autoruns mft2csv dynamic pdf run-time-analysis sysmon procmon volatility winpmem virtualbox vm