Hunting Threats using the Time machine named - Memory forensics
Trainer: Shyam Sundar R., Cyber Security Architect
Duration: 8 hours (including Lunch and 2x Coffee Breaks)
Training language: English
Number of attendees: max 25 persons
Threat hunting is not just about hunting IOCs via SIEM tools or events. There is a whole new world beyond it. Enter the world of Digital and Memory forensics, where we will dissect Windows/Linux malware from memory and unearth a world of unknowns using memory forensic techniques. A pure hands-on with significantly less talking and more working. Here is what we will do:
a) Understand threat hunting and the current threat landscape.
b) Understand and carry out hypothesis, blind and traditional, and I heard a rumor about threat hunting.
c) Reverse, understand, and execute Linux and Windows Malware to extract and understand IOC, behaviors, and patterns.
d) Track rootkits and Crypto mining malware in Linux to extract IOC using memory forensics.
e) Understand memory forensic data structures and memory mappings.
You and your laptop. Participants will be given Google Drive links where the OVAs will be downloaded and can be run on virtual boxes. The OVA will contain all actual malware samples, exercises, and other exciting aspects for dissection.
For whom is the training intended?
Cyber Security Community and Non-Cyber Security Community