Challenge: Memory Mysteries

In this challenge, you will take on a memory forensics challenge by analyzing a dump file. Memory forensics is an important piece of evidence when conducting a forensics investigation. Unique insights such as network connections and injected processes can be found through memory analysis.

Course Content

Course Description

Blue Team Analyst POV: Memory Analysis

In this months challenge, participants will be in the seat of a security analyst, conducting forensic analysis on a memory image. This type of evidence is crucial for forensic invesitgation, due to the nature of the volatile evidence. Certain findings such as, but not limited to, network connections, injected processes, command history and malicious DLLs can be found within the systems memory. Successfully analyzing the memory image, participants will be able to demonstrate their proficiency in basic memory analysis. This skillset is essential in the field of cybersecurity, where analysts must constantly stay one step ahead of attackers to safeguard their organization's digital assets.

Who is this for?

Early career to mid practitioners. This challenge may be difficult for individuals new to cybersecurity, but the difficulty rating on this challenge is relatively low. We encourage using any internet resources and community/colleague assistance in completing the challenge.

Are write ups permitted?

Yes, write-ups are permitted; please do not post answers directly. All write-ups should include a link to Cybrary and the Cybrary Course.

What resources are available to help solve this challenge?

Online search, community, colleagues, or fellow practitioners.

This course is part of a Career Path:
No items found.

Instructed by

Master Instructor
Marc Balingit

Marc has led, managed, and performed global incident response investigations focused on large-scale data breaches, system compromises, data exfiltration, ransomware, and malware outbreaks. He has worn many hats throughout his Incident Response career, including proactive and reactive services. Outside Blue Teaming, Marc is passionate about Vulnerability Research and Malware Analysis. He is a Technical SME at Cybrary, focusing on Threat Actors and Blue Teaming for course content.

Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Challenge: Memory Mysteries Certificate of Completion