Learning Malware Analysis Through Practice

Some time ago I wrote about the importance of deliberate practice for developing information security skills. Practice is scritical to improving expertise in all aspects of infosec, including malware analysis. You will get better if you take the time to experiment with malware in a laboratory environment, building upon what you may have read or were taught to practical obtain hands-on expertise.

That’s why I’m a big fan of puzzles and exercises designed for experimenting with malware. If you like learning in this manner as well, you might enjoy the malware analysis challenge I published on the SANS forensics blog:

About a year ago I collaborated with the folks at Lake Missoula Group to create a malware-themed network forensics puzzle. That contest is now over; however, I would like to provide an opportunity to learn from the scenario defined in that puzzle to strengthen your malware analysis skills.

There is no prize for correctly answering the 7 questions in that challenge. It’s merely an opportunity for you to learn malware analysis through practice.

For additional exercises related to analyzing and reverse-engineering malicious software, see the Honeynet Project Challenges page, which lists several challenges related to malware and forensics.

Lenny Zeltser


About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more