About this Event
By the end of this workshop, participants will be able to perform a complete forensic investigation of a web-based compromise, ranging from initial entry point identification to command-and-control (C2) analysis and credential recovery using network traffic analysis tools.
The "Big Picture" vs. The "Microscope"
- Police Academy teaches Network Traffic Analysis (PCAP). This is the "Big Picture": seeing how an attacker moves from the outside in. It's easier for students to visualize a file being uploaded and a connection being made.
- Bitter Lemon is a "Microscope" task. It involves Malware Analysis and reverse engineering. If a student doesn't understand how a C2 server talks over a network (Police Academy), they will likely struggle to understand why a malware sample is calling a specific function like WinHttpOpen (Bitter Lemon).
Pre-requisites for participants:
- Basic understanding of PCAP and networking (OSI model, IP addressing and ports)
- Knowledge of HTTP methods and terminal-based tools for data manipulation
- Windows OS proficiency (comfortable with using PowerShell)
- Ability to read basic Python and VBA (macro) code snippets
- Basic knowledge of malware theory and the Wireshark tool will be helpful
Please bring along your own laptop and charger (Wi-Fi provided).
Agenda
12:00 PM - 01:00 PM
Registration
Info: Participants to be registered by 12:45 PM at the latest.
01:00 PM - 02:00 PM
Introduction & Cympire Platform Onboarding
02:00 PM - 04:00 PM
Cyber Simulation Workshop Technical Deep Dive
Info: Instructor-led training - Police Academy / Bitter Lemon
04:00 PM - 04:30 PM
Solution Walkthrough
Info: Step by Step Solution of Police Academy & Bitter Lemon
04:30 PM - 05:00 PM
Individual Assessment
Info: AI-powered Assessment Platform - BINA Assessment
05:00 PM - 05:30 PM
Wrap-up
Info: Feedback form
Event Venue & Nearby Stays
SMU Lee Kong Chian School of Business, 50 Stamford Road, Singapore, Singapore
SGD 10.90








