EASY Creation of Malware Analysis and Digital Forensics Lab

BlackPerl
8.2K views - 3 years ago
Creating a malware analysis and digital forensics lab is one of the most essential steps a Blue Team member MUST take at the very start of their career and learning path. There are several ways and tools we might need to complement our work for DFIR. But in today's episode I will show you how you can create your own simple home lab setup for practicing DFIR. All of the tools that I will be using are open source, and the setup will be simple, with the most relevant and required tools, which are more than enough for any DFIR case study.

Not only can this setup be used for your self-study, it can also be used in any organization where the DFIR/SOC team wants to prepare an isolated environment for malware analysis and forensics work.

So, if you want to make an impact on your daily operations and want to learn from scratch how to create this in the proper yet simple way, watch this full episode. I will be covering the full setup, software requirements, hardware requirements, etc.

Tools you will be needing-
------------------------------------------------------------------------------------------------------------------
1. Win7 32 Bit OS- https://bit.ly/3e5gYah
2. VMware Player 14- https://bit.ly/2ByRiG1
3. PEStudio- https://www.winitor.com/
4. Process Monitor- https://bit.ly/2DdAYea
5. Wireshark- https://bit.ly/2Z20gV3
6. ProcDOT- http://procdot.com/
7. Sysinternals Suite- https://bit.ly/3gq45ZO
8. Agent Ransack- https://bit.ly/2Z30Stn
9. Notepad++ - https://notepad-plus-plus.org/downloads/
10. OllyDbg- http://www.ollydbg.de/
11. SIFT Workstation installation- https://github.com/teamdfir/sift-cli#...
12. REMnux installation- https://docs.remnux.org/install-distr...
13. Didier Stevens Tools- https://blog.didierstevens.com/my-sof...

Related Episodes-
🔗 First Static, Dynamic Lab- Creation of Malware Analysis and Digi...
🔗 Malware Analysis Bootcamp- Malware Analysis Bootcamp - Introduct...

WATCH the playlists BELOW as well, if you want to make your career in DFIR and Security Operations!!
-------------------------------------------------------------------------------------------------------------------------
INCIDENT RESPONSE TRAINING Full Course 👉BlackPerl DFIR  || INCIDENT RESPONSE ...
DFIR Free Tools and Techniques 👉 BlackPerl DFIR || DFIR Tools and Tech...
Windows and Memory Forensics 👉 BlackPerl DFIR || Windows and Memory ...
Malware Analysis 👉 BlackPerl DFIR || Malware Analysis Se...
SIEM Tutorial 👉 BlackPerl DFIR || Learn SIEM with me ...
Threat Hunt & Threat Intelligence 👉 BlackPerl DFIR || Threat Hunt & Threa...


Timeline
-------------------------------------------------------------------------------------------------------------------------
0:00      ⏩ Introduction
1:33      ⏩ My Architecture Overview
7:46      ⏩ Install SIFT
14:25    ⏩ Install REMnux
19:42    ⏩ Set up Win VM
27:18    ⏩ Set up INetSim
33:08    ⏩ Overview of the Sandbox Tools
38:20    ⏩ Let's Summarize and What's Next?

📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ LinkedIn: blackperl
✔ You can reach out to me personally in LinkedIn as well- https://bit.ly/38ze4L5
✔ Twitter: @blackperl_dfir
✔ Git: https://github.com/archanchoudhury
✔ Instagram: blackperl_dfir
✔ Can be reached via [email protected]

SUPPORT BLACKPERL
-------------------------------------------------------------------------------------------------------------------------
➡️ SUBSCRIBE, Share, Like, Comment
☕ Buy me a Coffee 👉 https://www.buymeacoffee.com/BlackPerl
📧 Sponsorship Inquiries: [email protected]

-------------------------------------------------------------------------------------------------------------------------
🙏 Thanks for watching!! Be CyberAware!! 🤞
Published 3 years ago, on 1400/08/07.
8,222 views