Malware Traffic Analysis 4 is a blue team lab that falls under the Network Forensics category and will cover the following subjects: Wireshark, Brim, NetworkMiner, suricatarunner, suricata.rules, Initial Access, Defense Evasion, Command and Control.
Learning Objectives
Reconstruct a malware infection timeline by analyzing network traffic, identifying exploit kit activity, and extracting indicators of compromise using Wireshark and NetworkMiner.
Categories: Network Forensics.
MITRE ATT&CK Tactics: Initial Access, Defense Evasion, Command and Control.