Build a Malware Analysis Lab (Self-Hosted & Cloud) - The Malware Analysis Project 101
⛔ Disclaimers: I take no responsibility or accountability for infection of malicious software, programs, files onto any computer or workstation. This project and videos are for educational purposes only. I do not condone the development, use of, or spreading of programs to intentionally harm assets, networks, or individuals.
Safety is key when dealing with malware. Ensure you always are following protocols when it comes to downloading and detonating a malicious sample. Follow all instructions within the courses and listed resources.
📝 Notes:
https://cybercademy.org/the-malware-analysis-project-101/#notes
⏰ Timestamps:
0:00 - Introduction
0:51 - Crash Course Overview
1:52 - Self-hosted Topology
3:13 - Cloud-hosted Topology
4:12 - Items to Note
5:45 - Lab Showcase
6:10 - Download VirtualBox
7:02 - Download Windows 10 ISO
8:22 - Download Remnux
9:03 - Windows 10 VM Setup
16:06 - Disable Windows Defender
19:24 - Setup FlareVM
23:45 - Setup Remnux
25:15 - Setup Host-only Adapter
27:23 - Configure Remnux
33:45 - Setup & Test VM Connections
37:11 - Self-hosted Lab Finished
37:19 - Cloud Lab Overview
39:05 - Creating EC2 Instance
43:30 - Set VM Environment
45:55 - Disable Windows Defender
47:51 - Install FlareVM
53:10 - Export AMI
54:12 - Create IAM Role
57:35 - Download JQ, Terraform, AWSCLI
1:01:13 - Log Into IAM Account
1:02:14 - Change Terraform Files
1:05:49 - Deploy Cloud-hosted Lab
1:07:08 - Log Into Lab
1:07:44 - Configure INetSIM
1:09:02 - Cloud-lab Finished
1:11:06 - Conclusion
🔗 Links & Commands:
[Self-Hosted Lab]
Download VirtualBox: https://www.virtualbox.org/wiki/Downloads
Download Windows 10 ISO: https://info.microsoft.com/ww-landing-windows-10-enterprise.html
Download Remnux: https://docs.remnux.org/install-distro/get-virtual-appliance
Download Chrome: https://www.google.com/chrome/
[Download FlareVM]
Change directories to the Desktop
(New-Object net.webclient).DownloadFile('https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1;,"$([Environment]::GetFolderPath("Desktop"))\\install.ps1")
Unblock-File .\\install.ps1
Set-ExecutionPolicy Unrestricted
.\install.ps1
[Cloud-Hosted Lab]
AWS Malware Lab by Adan Alvarez: https://github.com/adanalvarez/AWS-malware-lab/tree/main
AWS Sign-up: https://aws.amazon.com/resources/create-account/
Install Terraform: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
Ubuntu AMI ID (AWS Marketplace): https://us-east-1.console.aws.amazon.com/ec2/home?region=us-east-1#AMICatalog
[Install JQ]
sudo apt install jq
[Install Terraform]
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
gpg --no-default-keyring \
--keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg \
--fingerprint
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt-get install terraform
[Install AWS CLI]
sudo apt install awscli -y
[Clone AWS Malware Lab GitHub Repo]
git clone https://github.com/adanalvarez/AWS-malware-lab
[Create File]
nano shared.auto.tfvars.json
[Configuration File]
{
"environment": "malware-lab",
"ami": "ami-xxxxxxxxxxxxxxxxx",
"account" : "222222222222",
"region": "us-east-1",
"enable_guacamole": false,
"enable_inetsim": true
}
[Terraform Commands]
- terraform init: Initialize the environment.
- terraform plan: Plan the configuration.
- terraform apply: Apply the configuration file to AWS account.
- terraform destroy: Destroy the environment once analysis has been conducted.
🐕 Follow Me:
Twitter: https://twitter.com/collinsinfosec
Instagram: https://www.instagram.com/_collinsinfosec
Cybercademy Discord Server: https://discord.gg/bWymWhCv9p
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): https://amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): https://amzn.to/2EXlgRF
Keyboard (Velocifire VM01): https://amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): https://amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): https://amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): https://amzn.to/3S9OxvG
Видео Build a Malware Analysis Lab (Self-Hosted & Cloud) - The Malware Analysis Project 101 канала Grant Collins
Safety is key when dealing with malware. Ensure you always are following protocols when it comes to downloading and detonating a malicious sample. Follow all instructions within the courses and listed resources.
📝 Notes:
https://cybercademy.org/the-malware-analysis-project-101/#notes
⏰ Timestamps:
0:00 - Introduction
0:51 - Crash Course Overview
1:52 - Self-hosted Topology
3:13 - Cloud-hosted Topology
4:12 - Items to Note
5:45 - Lab Showcase
6:10 - Download VirtualBox
7:02 - Download Windows 10 ISO
8:22 - Download Remnux
9:03 - Windows 10 VM Setup
16:06 - Disable Windows Defender
19:24 - Setup FlareVM
23:45 - Setup Remnux
25:15 - Setup Host-only Adapter
27:23 - Configure Remnux
33:45 - Setup & Test VM Connections
37:11 - Self-hosted Lab Finished
37:19 - Cloud Lab Overview
39:05 - Creating EC2 Instance
43:30 - Set VM Environment
45:55 - Disable Windows Defender
47:51 - Install FlareVM
53:10 - Export AMI
54:12 - Create IAM Role
57:35 - Download JQ, Terraform, AWSCLI
1:01:13 - Log Into IAM Account
1:02:14 - Change Terraform Files
1:05:49 - Deploy Cloud-hosted Lab
1:07:08 - Log Into Lab
1:07:44 - Configure INetSIM
1:09:02 - Cloud-lab Finished
1:11:06 - Conclusion
🔗 Links & Commands:
[Self-Hosted Lab]
Download VirtualBox: https://www.virtualbox.org/wiki/Downloads
Download Windows 10 ISO: https://info.microsoft.com/ww-landing-windows-10-enterprise.html
Download Remnux: https://docs.remnux.org/install-distro/get-virtual-appliance
Download Chrome: https://www.google.com/chrome/
[Download FlareVM]
Change directories to the Desktop
(New-Object net.webclient).DownloadFile('https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1;,"$([Environment]::GetFolderPath("Desktop"))\\install.ps1")
Unblock-File .\\install.ps1
Set-ExecutionPolicy Unrestricted
.\install.ps1
[Cloud-Hosted Lab]
AWS Malware Lab by Adan Alvarez: https://github.com/adanalvarez/AWS-malware-lab/tree/main
AWS Sign-up: https://aws.amazon.com/resources/create-account/
Install Terraform: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
Ubuntu AMI ID (AWS Marketplace): https://us-east-1.console.aws.amazon.com/ec2/home?region=us-east-1#AMICatalog
[Install JQ]
sudo apt install jq
[Install Terraform]
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
gpg --no-default-keyring \
--keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg \
--fingerprint
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt-get install terraform
[Install AWS CLI]
sudo apt install awscli -y
[Clone AWS Malware Lab GitHub Repo]
git clone https://github.com/adanalvarez/AWS-malware-lab
[Create File]
nano shared.auto.tfvars.json
[Configuration File]
{
"environment": "malware-lab",
"ami": "ami-xxxxxxxxxxxxxxxxx",
"account" : "222222222222",
"region": "us-east-1",
"enable_guacamole": false,
"enable_inetsim": true
}
[Terraform Commands]
- terraform init: Initialize the environment.
- terraform plan: Plan the configuration.
- terraform apply: Apply the configuration file to AWS account.
- terraform destroy: Destroy the environment once analysis has been conducted.
🐕 Follow Me:
Twitter: https://twitter.com/collinsinfosec
Instagram: https://www.instagram.com/_collinsinfosec
Cybercademy Discord Server: https://discord.gg/bWymWhCv9p
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): https://amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): https://amzn.to/2EXlgRF
Keyboard (Velocifire VM01): https://amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): https://amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): https://amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): https://amzn.to/3S9OxvG
Видео Build a Malware Analysis Lab (Self-Hosted & Cloud) - The Malware Analysis Project 101 канала Grant Collins
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Security Specialist | Complete Career Series for Cybersecurity
10 Ways if You are Wired for a Cybersecurity Career
Sign Up For This in Cybersecurity! | Ft. I.T. Nerd
Where You Should Compete for Capture the Flag Event in Cybersecurity | Capture the Flag Series![Cybersecurity Career Quiz [Free Download]](https://i.ytimg.com/vi/lBEnrGYCBAY/default.jpg)
Cybersecurity Career Quiz [Free Download]
Official Launch of Community Discord Channel
imposter syndrome in cybersecurity - it never goes away.
Exposing the "hacking service" scam
I Co-Founded a Cybersecurity Conference BSides Chapter - Here's What I Learned
feeling behind in cybersecurity... - it never goes away.
5 Resources for the I.T. Fundamentals
Cybersecurity University Education - One Significant Problem
My Summer Plans
Bridging the I.T. Security Experience Gap (as a cybersecurity student)
Build a Cloud Red Team / Blue Team Cybersecurity Homelab - Crash Course
3 Practical Application Strategies in Cybersecurity
The Cybersecurity Industry Is Broader Than You Think...
Cybersecurity - It's About the Learning Journey
Start a Cybersecurity Career in 2023 - A Complete Guide
GC2 - Hack with Google Sheets & Drive. (C2 Infrastructure)