Lab 6-1 📝 Summary The Chapter 6 labs teach you to identify C code constructs in assembly by analyzing a multi-stage malware sample. Each lab reveals one construct (if → loop → switch → complex)...

Summary Built a full DFIR Attack–Defense Lab using Kali, Windows 10, Splunk, and Sysmon to simulate adversary TTPs (ingress, execution, discovery, persistence, beaconing) and perform log-based d...

Toolkit This lab uses a standard set of tools for advanced static analysis. Tool Type Purpose Typical Usage & Notes PE Studio St...

Toolkit This labs uses a standard set of tools for basic static analysis & basic dynamic analysis. Tool Type Purpose Typical usage / notes ...

Phishing mail analysis EML File Summary summary The email pretends to be from a legitimate source and includes an attachment that, at first glance, appears to be a harmless file (in this case, ...