FOR_600
ELF_Forensic
Contents
1. Type
Type100: macOS, information collection from users, HW, SW, Intelligence information collection (20)
1) Field description
- Internal OS knowledge, memory forensics techniques, network traffic analysis. Basic knowledge of DF. (VM dump)
Type200: Windows OS compromise (20)
1) Field description
- Windows driver-based malware and dropper script reversing, C2 server (VM dump)
Type300: ICS Railway System (28)
1) Field description
- Reversing of 3 malware samples, C2, simulated ICS network (memory dump, network pcap)
Type400: Android OS compromise (10)