Malware Traffic Analysis 3

Malware Traffic Analysis 3 is a blue team lab in the Network Forensics category. It covers the tools Wireshark, Brim, NetworkMiner, suricatarunner, suricata.rules, GHex and pesec, and the MITRE ATT&CK tactics Initial Access, Defense Evasion and Command and Control.

Learning Objectives

Synthesize network, binary, and threat intelligence artifacts to reconstruct an exploit kit attack chain, identifying components, deobfuscating payloads, and analyzing binary protections.
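The "analyze binary protections" part of the objective is what pesec does against a PE dropped by the exploit kit: it reads the optional header and reports which exploit mitigations the image opts into. The following is an added example, not code from the lab or from pesec, showing how those flags are recovered from the raw headers. All function names are this example's own, and `build_minimal_pe` fabricates a sections-free PE header purely as offline test input, not a sample from the lab. It also applies the check a practitioner wants beyond the raw bit: an image flagged DYNAMIC_BASE whose relocations were stripped cannot actually be rebased, so it gets no ASLR.

```python
import struct

# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits (PE/COFF specification)
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_NO_SEH = 0x0400
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
# IMAGE_FILE_HEADER.Characteristics bit
IMAGE_FILE_RELOCS_STRIPPED = 0x0001


def pe_protections(data: bytes) -> dict:
    """Parse a PE image's headers and report its exploit mitigations.

    Only the DOS stub pointer, the COFF header and the fixed part of the
    optional header are read; no section or data-directory parsing is done.
    """
    if data[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (machine, _nsections, _timestamp, _symtab, _nsyms,
     opt_size, characteristics) = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if opt_size < 72:
        raise ValueError("optional header too short")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics is at offset 70 in both the PE32 and PE32+ layouts.
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    relocs_stripped = bool(characteristics & IMAGE_FILE_RELOCS_STRIPPED)
    dynamic_base = bool(dllchars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    return {
        "format": "PE32+" if magic == 0x20B else "PE32",
        "machine": machine,
        "dep": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "dynamic_base": dynamic_base,
        "relocs_stripped": relocs_stripped,
        # The loader cannot rebase an image without relocations, so the
        # DYNAMIC_BASE flag alone does not give it a randomized base.
        "aslr": dynamic_base and not relocs_stripped,
        "high_entropy_va": bool(dllchars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "no_seh": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NO_SEH),
        "cfg": bool(dllchars & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
    }


def build_minimal_pe(dllchars: int, characteristics: int = 0,
                     pe32plus: bool = True) -> bytes:
    """Constructed test input: the headers of a PE with no sections.

    This is not a sample from the lab; it exists only so the parser can be
    exercised offline with chosen flag values.
    """
    opt_size = 240 if pe32plus else 224
    img = bytearray(0x40)                         # DOS header
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)       # e_lfanew -> PE signature
    img += b"PE\0\0"
    img += struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C,
                       0, 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", opt, 70, dllchars)
    img += opt
    return bytes(img)


if __name__ == "__main__":
    hardened = build_minimal_pe(0x0020 | 0x0040 | 0x0100 | 0x4000)
    legacy = build_minimal_pe(0x0040, characteristics=IMAGE_FILE_RELOCS_STRIPPED,
                              pe32plus=False)
    for name, blob in (("hardened", hardened), ("legacy", legacy)):
        print(name, pe_protections(blob))
```

To run it against a real dropped binary, pass `open(path, "rb").read()` to `pe_protections`; compare the `aslr` key with the raw `dynamic_base` key when a tool reports "ASLR enabled" for a sample that has no `.reloc` section.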

Categories: Network Forensics.

MITRE ATT&CK Tactics: Initial Access, Defense Evasion, Command and Control.

Tools: Brim, suricatarunner, suricata.rules, NetworkMiner, Wireshark, GHex, pesec.

Difficulty: medium.