Red vs Blue -- Malware Workshop: Difference between revisions

From HOPE Wiki

Revision as of 16:02, 23 July 2025

Red vs. Blue: Malware - Build It, Break It, Block It workshop

Abstract

Unleash your inner hacker and defender in this hands-on workshop! Dive into the dark art of crafting Windows and Linux rootkits, then switch gears to learn malware analysis and reverse engineering of those rootkits. This workshop will go from static analysis with tools like Binary Ninja and DetectItEasy to dynamic analysis, decrypting payloads and extracting critical IoCs. It doesn't stop there: you'll build detection rules with tools like YARA, ClamAV, OSQuery, OSSEC, OpenEDR, and Snort signatures to hunt down those rootkits. Cap it off by integrating your defenses into an Elasticsearch and Kibana dashboard. Perfect for aspiring red and blue teamers who want to learn over a dozen different open-source tools.

Day / Time / Location

Day 2, Saturday, 16-August-2025, 7:30pm - 11:30pm
Tobin 223 (Workshop C)

Full Description

Registration -- NOT required

NOTE: You do NOT need to register to take this workshop
-- please show up early to ensure a seat at Tobin 223 (Workshop C).

Presenter(s)

Scott Cook

Materials

Any materials needed to participate in this workshop will be available at-cost.
Observers are welcome at no cost.
To do the hands-on portion for this workshop:
Materials Cost: None

Required Software / What to bring

Basic Python and C programming skills. Comfortable with PowerShell and Bash. Should have entry-level cyber experience.

Links