Blue Team Labs

Understand and analyze ATM-targeting malware using static analysis tools, identify malicious behaviors, and trace how malware exploits legitimate APIs like XFS to manipulate ATM hardware and perform unauthorized actions.

Investigate a real-world cyberattack, identify compromise indicators, trace attacker activities, and apply forensic and threat intelligence techniques.

Investigate a Java deserialization vulnerability in Apache ActiveMQ that enables remote code execution through insecure class loading.

Reconstruct the QBot malware infection timeline by analyzing memory dumps, identifying malicious processes, files, and network communications using Volatility3 and VirusTotal.

Learn cloud forensics by analyzing Google Cloud logs with JQ to identify compromised accounts, data exfiltration, and attacker persistence methods in a simulated breach scenario.

Develop skills in forensic analysis, attack chain reconstruction, and threat detection following a web server compromise using Linux forensic techniques.

Analyze, decrypt, and trace a multi-stage malware infection, uncovering obfuscation techniques, payload delivery methods, and network communication indicators.

Analyze Windows 10 notification artifacts, installed applications, LNK files, and Applications logs to uncover malicious activity and enhance forensic investigation capabilities.

Perform forensic analysis on Android devices to identify, analyze, and mitigate threats from malicious applications and cyber espionage groups like Magic Hound.

Reconstruct a multi-stage attack chain using Volatility Framework to analyze memory dumps, identifying malware, persistence, credential theft, lateral movement, and C2 communications across compromised systems.