/rsac21-ransom

Primary language: Shell. License: GNU General Public License v3.0 (GPL-3.0)

HANDS ON: Ransomware Response and Analysis

Welcome! Follow along sequentially from top to bottom with the links below.

Do not feel the need to rush. This GitHub repo and the associated lab environments will be up through the end of the day.

Modify public golang ransomware code using different techniques to prepare multiple samples. Now you too are a malware author ;).

Move your prepared samples to a Windows environment and notice the lack of static file detections. Not surprising, but now you will upload all of your samples to VirusTotal to observe the differences in detections across the various VirusTotal engines.

Now it is game time. Execute ironcat family malware and simulate live response to a ransomware incident, then examine the code and malicious activity that is left behind.