Labs & Courses

Hands-on labs and training programs completed

Training Courses

CyberDefenders Labs

38 completed challenges

Difficulty · Category

Lockdown

Reconstruct a multi-stage intrusion by analyzing network traffic, memory, and malware artifacts using Wireshark, Volatility, and VirusTotal, mapping findings to MITRE ATT&CK.

Easy · Network Forensics

XWorm

Analyze malware behavior to identify persistence methods, evasion techniques, and C2 infrastructure by extracting artifacts and configuration data from static and dynamic analysis.

Medium · Malware Analysis

HawkEye

Reconstruct a HawkEye Keylogger data exfiltration incident by analyzing network traffic with Wireshark and CyberChef, identifying IoCs and stolen credentials.

Medium · Network Forensics

OpenWire

Investigate a Java deserialization vulnerability in Apache ActiveMQ that enables remote code execution through insecure class loading.

Medium · Network Forensics

MalDoc101

Analyze obfuscated scripts to identify malicious infrastructure, specifically extracting the first FQDN used to download a trojan.

Medium · Malware Analysis

FakeGPT

Analyze a malicious Chrome extension's code and behavior to identify data theft mechanisms, covert exfiltration, and anti-analysis techniques.

Easy · Malware Analysis

Obfuscated

Deobfuscate multi-stage VBA and JavaScript malware from a Word document, extracting IOCs and reconstructing execution flow.

Medium · Malware Analysis

BRabbit

Reconstruct a Bad Rabbit ransomware attack chain by analyzing phishing, persistence, and MBR modification using dynamic analysis and MITRE ATT&CK.

Medium · Threat Intel

RotaJakiro

Reverse engineer and analyze RotaJakiro Linux malware using Ghidra, strace, and Wireshark to identify persistence, anti-analysis, and C2 mechanisms.

Hard · Malware Analysis

Silent Breach

Analyze a forensic image to extract communication artifacts, identify malware behavior, and decrypt encrypted files.

Medium · Endpoint Forensics

SolarDisruption

Investigate PLC network traffic and system logs to identify insider manipulation attempts and determine the cause of the solar panel disruption.

Hard · Network Forensics

Tusk Infostealer

Analyze threat intelligence and malware configuration to identify TTPs, extract IOCs, and track cryptocurrency flow of the Tusk Infostealer campaign.

Easy · Threat Intel

PacketDetective

Analyze network traffic in PCAP files using Wireshark to extract IOCs and reconstruct attacker tactics like authentication and remote execution.

Easy · Network Forensics

Tomcat Takeover

Analyze network traffic using Wireshark to identify suspicious web server administration access and potential compromise.

Easy · Network Forensics

PaloAltoRCE - UTA0218

Reconstruct a Palo Alto RCE attack timeline by analyzing firewall logs in ELK, identifying initial access, reverse shell, persistence, and data exfiltration.

Hard · Threat Hunting

XLMRat

Analyze network traffic to identify malware delivery, deobfuscate scripts, and map attacker techniques using MITRE ATT&CK.

Easy · Network Forensics

Reveal

Reconstruct a multi-stage attack by analyzing Windows memory dumps using Volatility 3, identifying malicious processes and command lines.

Easy · Endpoint Forensics

Web Investigation

Examine network traffic with Wireshark to investigate web server compromise, identify SQL injection, extract attacker credentials, and detect uploaded malware.

Easy · Network Forensics

AsyncRAT

Dissect a multi-stage AsyncRAT infection exploring obfuscation techniques, payload extraction, persistence mechanisms, and steganographic methods.

Medium · Malware Analysis

MeteorHit - Indra

Reconstruct a wiper malware attack by analyzing registry, event logs, and USN journal artifacts using Registry Explorer and Event Log Explorer.

Medium · Endpoint Forensics

AndroidBreach

Analyze an Android device dump and reverse engineer a malicious APK using ALEAPP and JADX-GUI to identify malware functionality and data exfiltration.

Medium · Endpoint Forensics

IcedID

Investigate IcedID malware using VirusTotal and threat intelligence platforms to identify IOCs, associated threat actors, and execution mechanisms.

Easy · Threat Intel

GrabThePhisher

Analyze a cryptocurrency phishing kit to identify exfiltration methods, extract critical IOCs, and gather threat actor intelligence.

Easy · Threat Intel

Ramnit

Analyze a memory dump using Volatility to identify a malicious process, extract network IOCs, file hash, and compilation timestamp.

Easy · Endpoint Forensics
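Added illustration for the Ramnit lab (my own example, not CyberDefenders material): once Volatility has dumped the suspicious process image, the compilation timestamp and file hashes the lab asks for come straight out of the PE header. The script below parses the COFF TimeDateStamp from the MZ/PE headers and hashes the image. The "PE" it works on is a constructed, non-executable header built by build_fake_pe, just enough structure to exercise the parser; on a real dump, pass the file bytes to summarize instead.

```python
import hashlib
import struct
from datetime import datetime, timezone

MACHINE_NAMES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def build_fake_pe(timestamp, machine=0x014C):
    """Constructed stand-in for a dumped executable: a 64-byte DOS header whose
    e_lfanew points at the PE signature, followed by a 20-byte COFF file header.
    Not runnable code, only enough header for the parser below."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew -> offset 0x40
    coff = struct.pack("<HHIIIHH",
                       machine,     # Machine
                       1,           # NumberOfSections
                       timestamp,   # TimeDateStamp: seconds since 1970-01-01 UTC
                       0, 0,        # PointerToSymbolTable, NumberOfSymbols
                       0,           # SizeOfOptionalHeader (none in this stub)
                       0x0102)      # EXECUTABLE_IMAGE | 32BIT_MACHINE
    return bytes(dos) + b"PE\0\0" + coff


def pe_compile_time(data):
    """Return (UTC datetime, machine) from the COFF header; ValueError if not PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    machine, _nsections, stamp = struct.unpack_from("<HHI", data, e_lfanew + 4)
    return datetime.fromtimestamp(stamp, tz=timezone.utc), machine


def summarize(data):
    """The triage fields usually asked for: hashes, build time, architecture."""
    when, machine = pe_compile_time(data)
    stamp = int(when.timestamp())
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "md5": hashlib.md5(data).hexdigest(),
        "compiled_utc": when.strftime("%Y-%m-%d %H:%M:%S"),
        "machine": MACHINE_NAMES.get(machine, hex(machine)),
        # A zeroed stamp, or one in the future, means the field was stripped,
        # forged, or replaced by a reproducible-build hash; treat it as untrusted.
        "timestamp_suspicious": stamp == 0 or when > datetime.now(timezone.utc),
    }


if __name__ == "__main__":
    sample = build_fake_pe(1583000000)   # constructed stamp: 2020-02-29 18:13:20 UTC
    print(summarize(sample))
```

The timestamp is attacker-controlled data: it is set by the linker and trivially patched, so it dates the build only when it is consistent with other evidence (PDB path, version resource, first-seen dates on VirusTotal). A process image carved from memory also differs from the on-disk file (relocations applied, sections page-aligned), so the hashes above are for the dump, not for correlating with the original dropper.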

Insider

Analyze Linux disk image artifacts, including logs and Bash history, using FTK Imager to investigate insider threat activities.

Easy · Endpoint Forensics

DanaBot

Analyze network traffic using Wireshark to identify DanaBot initial access, deobfuscate malicious JavaScript, and extract IOCs.

Easy · Network Forensics

3CX Supply Chain

Reconstruct the 3CX supply chain attack by analyzing compromised MSI and DLL artifacts to identify TTPs and attribute the incident.

Easy · Threat Intel

Red Stealer

Analyze a suspicious executable using VirusTotal and MalwareBazaar to extract IOCs, identify C2 infrastructure, and MITRE ATT&CK techniques.

Easy · Threat Intel

PsExec Hunt

Analyze SMB traffic in a PCAP file using Wireshark to identify PsExec lateral movement, compromised systems, and user credentials.

Easy · Network Forensics
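Added illustration for the PsExec Hunt lab (my own example, not CyberDefenders material): the PsExec pattern in SMB is a tree connect to ADMIN$, an .exe written to that share, a connection to the svcctl pipe to install it as a service, and then the PSEXESVC named pipes. The script reconstructs that sequence per source/destination pair from SMB2 fields exported with tshark. The lines in SAMPLE_SMB, the IP addresses and the hostnames are constructed; the tshark field names (smb2.tree, smb2.filename) are real, the hunt logic is mine.

```python
import csv
from collections import defaultdict
from io import StringIO

# Constructed sample imitating
#   tshark -r capture.pcap -Y "smb2.tree || smb2.filename" -T fields -E separator=/t \
#       -e frame.time_epoch -e ip.src -e ip.dst -e smb2.tree -e smb2.filename
# Only requests are shown; a field absent from a packet is an empty column.
SAMPLE_SMB = """\
1700000100.0\t10.0.0.15\t10.0.0.20\t\\\\10.0.0.20\\IPC$\t
1700000100.2\t10.0.0.15\t10.0.0.20\t\\\\10.0.0.20\\ADMIN$\t
1700000100.5\t10.0.0.15\t10.0.0.20\t\tPSEXESVC.exe
1700000101.0\t10.0.0.15\t10.0.0.20\t\tsvcctl
1700000101.4\t10.0.0.15\t10.0.0.20\t\tPSEXESVC
1700000101.6\t10.0.0.15\t10.0.0.20\t\tPSEXESVC-WIN10-1234-stdin
1700000150.0\t10.0.0.21\t10.0.0.20\t\\\\10.0.0.20\\Finance\t
1700000150.3\t10.0.0.21\t10.0.0.20\t\tQ3-report.docx
"""

ADMIN_SHARES = {"ADMIN$", "C$"}


def parse_smb_rows(text):
    """Tab-separated tshark output -> (ts, src, dst, tree, filename) tuples."""
    rows = []
    for rec in csv.reader(StringIO(text), delimiter="\t"):
        if len(rec) < 5:
            continue
        ts, src, dst, tree, fname = rec[:5]
        rows.append((float(ts), src, dst, tree, fname))
    return rows


def hunt_psexec(text):
    """Return {(src, dst): evidence} for pairs showing the PsExec sequence."""
    state = defaultdict(lambda: {"admin_share": None, "exe": [], "svcctl": False,
                                 "pipes": [], "first": None, "last": None})
    for ts, src, dst, tree, fname in sorted(parse_smb_rows(text)):
        s = state[(src, dst)]
        if s["first"] is None:
            s["first"] = ts
        s["last"] = ts
        share = tree.rsplit("\\", 1)[-1].upper() if tree else ""
        if share in ADMIN_SHARES:
            s["admin_share"] = tree
        name = fname.strip("\\")
        lname = name.lower()
        if lname.endswith(".exe"):
            if s["admin_share"]:            # binary dropped after the admin share opened
                s["exe"].append(name)
        elif lname == "svcctl":             # service control pipe: remote service install
            s["svcctl"] = True
        elif lname.startswith("psexesvc"):  # PSEXESVC control and stdin/stdout/stderr pipes
            s["pipes"].append(name)

    findings = {}
    for pair, s in state.items():
        # Share + dropped binary + svcctl is the behaviour; the pipe name is only
        # the default label and disappears when PsExec is run with -r <name>.
        if s["admin_share"] and s["exe"] and s["svcctl"]:
            findings[pair] = {
                "verdict": "psexec" if s["pipes"] else "psexec-like (service name not PSEXESVC)",
                "share": s["admin_share"],
                "binaries": s["exe"],
                "pipes": s["pipes"],
                "window": (s["first"], s["last"]),
            }
    return findings


if __name__ == "__main__":
    for pair, ev in hunt_psexec(SAMPLE_SMB).items():
        print(pair, ev)
```

The account used comes from the preceding Session Setup, where Wireshark exposes it as ntlmssp.auth.username (or the Kerberos principal in the AP-REQ); add that field to the same tshark export to tie the lateral movement to a user. The behavioural rule is deliberately wider than the PSEXESVC name so renamed services and PsExec clones (which still need ADMIN$ and svcctl) are caught too.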

The Crime

Utilize ALEAPP to analyze Android device artifacts, reconstructing a victim's financial details, movements, and communication patterns.

Easy · Endpoint Forensics

Amadey - APT-C-36

Reconstruct Amadey Trojan behavior by analyzing memory dumps with Volatility 3 to identify malicious processes and persistence mechanisms.

Easy · Endpoint Forensics

Yellow RAT

Analyze malware artifacts using threat intelligence platforms like VirusTotal to identify IOCs, C2 servers, and adversary tactics.

Easy · Threat Intel

PoisonedCredentials

Analyze network traffic for LLMNR/NBT-NS poisoning attacks using Wireshark to identify the rogue machine and compromised accounts.

Easy · Network Forensics
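Added illustration for the PoisonedCredentials lab (my own example, not CyberDefenders material): a legitimate LLMNR answer comes from the single host that owns the queried name, while a poisoner such as Responder answers every name it sees. That asymmetry is enough to find the rogue machine in a capture. The script scores LLMNR responders by how many distinct names they claimed and lists the victims that received those answers. SAMPLE_TSHARK, the IPs and the hostnames are constructed; the tshark invocation and field names are real (Wireshark dissects LLMNR with its DNS dissector, so the fields are dns.*).

```python
import csv
from collections import defaultdict
from io import StringIO

# Constructed sample imitating
#   tshark -r capture.pcap -Y llmnr -T fields -E separator=/t \
#       -e frame.time_epoch -e ip.src -e ip.dst -e dns.flags.response -e dns.qry.name
# Queries go to the LLMNR multicast group; answers come back unicast to the querier.
SAMPLE_TSHARK = """\
1700000001.10\t192.168.1.10\t224.0.0.252\t0\tfileserver
1700000001.12\t192.168.1.66\t192.168.1.10\t1\tfileserver
1700000005.40\t192.168.1.12\t224.0.0.252\t0\talice-pc
1700000005.41\t192.168.1.20\t192.168.1.12\t1\talice-pc
1700000009.00\t192.168.1.11\t224.0.0.252\t0\tprintsrv
1700000009.02\t192.168.1.66\t192.168.1.11\t1\tprintsrv
1700000014.70\t192.168.1.10\t224.0.0.252\t0\twpad
1700000014.73\t192.168.1.66\t192.168.1.10\t1\twpad
"""

LLMNR_MCAST = {"224.0.0.252", "ff02::1:3"}


def parse_rows(text):
    """Tab-separated tshark output -> list of dicts; tolerates 0/1 and True/False
    for the boolean field, which differs between tshark versions."""
    rows = []
    for rec in csv.reader(StringIO(text), delimiter="\t"):
        if len(rec) < 5:
            continue
        ts, src, dst, is_resp, name = rec[:5]
        rows.append({"ts": float(ts), "src": src, "dst": dst,
                     "response": is_resp in ("1", "True"),
                     "name": name.lower().rstrip(".")})
    return rows


def find_rogue_responders(text, min_names=2):
    """Return {responder_ip: {names, victims, first_seen}} for hosts that answered
    LLMNR queries for at least min_names distinct names."""
    seen = defaultdict(lambda: {"names": set(), "victims": set(), "first_seen": None})
    for r in parse_rows(text):
        if not r["response"] or r["dst"] in LLMNR_MCAST:
            continue
        info = seen[r["src"]]
        info["names"].add(r["name"])
        info["victims"].add(r["dst"])           # the host that will now authenticate to the poisoner
        if info["first_seen"] is None:
            info["first_seen"] = r["ts"]
    return {ip: info for ip, info in seen.items() if len(info["names"]) >= min_names}


if __name__ == "__main__":
    for ip, info in find_rogue_responders(SAMPLE_TSHARK).items():
        print(ip, sorted(info["names"]), sorted(info["victims"]), info["first_seen"])
```

The same logic applies to NBT-NS (filter nbns, fields nbns.flags.response and nbns.name) and to mDNS, which Responder also poisons. The victims listed are where to look next: each one will have sent an NTLMv2 challenge-response (or cleartext HTTP/FTP credentials) to the rogue host moments after the answer, which is what identifies the compromised accounts.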

Oski

Analyze a sandbox report using Any.Run to identify Stealc malware behavior, extract configuration details, and map tactics to MITRE ATT&CK.

Easy · Threat Intel

WebStrike

Analyze network traffic using Wireshark to investigate a web server compromise, identify web shell deployment and data exfiltration.

Easy · Network Forensics

Intel101

Apply open-source intelligence (OSINT) techniques using Whois, Wayback Machine, and Google Lens to investigate digital footprints.

Medium · Threat Intel

Lespion

Investigate an insider threat by analyzing GitHub repositories for exposed credentials, using OSINT tools to correlate online accounts.

Easy · Threat Intel

RedLine

Employ Volatility to analyze a memory dump, identifying suspicious processes, network IOCs, and attacker C2 infrastructure.

Easy · Endpoint Forensics