Continue your exploration into malware's behavior on the network. Students analyze packet captures containing real, malicious network traffic, both by hand and with tools such as Security Onion and Sguil. The exercise covers both malware propagation methods and command-and-control (C2) operations. In addition, students create web shell payloads of their own to see how they operate from the inside.
Prerequisites
Detailed knowledge of networking protocols, including TCP/IP, DNS, and HTTP. Familiarity with Wireshark and the Unix/Linux command line.
The Cogent Range Intrusion Analysis using Network Traffic exercise is recommended before starting this exercise.
Expected Duration
3 hours, self-paced. Pause and continue at any time.
3 CPEs awarded on successful completion.
Availability
Included if you are a subscriber to any of the following training packages:
- Level 2: Attack/Defense/IR Exercises and Instructional Labs
- Level 3: Attack Scenarios, Attack/Defense/IR Exercises, and Instructional Labs
- Law Enforcement/Counterintelligence Forensics Analyst 2
- Cyber Defense Forensics Analyst 2
- Cyber Defense Analyst 2
- Cyber Defense Incident Responder
- Cyber Defense Infrastructure Support Specialist 2
- Vulnerability Assessment Analyst 2
- Incident Response Package
- Attack, Defense, and System Administration Exercises Package
