DIY Malware Emulation: Build It, Break It, Detect It

DIY Malware Emulation: Build It, Break It, Detect It

Level of Instruction: Intermediate

Instructed by: Sebastian Tapia, Ricardo Sanchez

Abstract:

Real threats leave behind real artifacts — and in this hands-on workshop, we’ll combine malware development and analysis by safely recreating and dissecting a custom malware based on Lumma Stealer, one of today’s most active malware families. This approach is designed to support adversary emulation efforts by replicating real-world TTPs in a controlled environment, while also teaching participants how to detect and analyze each technique. Whether you're on a red or purple team looking to simulate attacker behavior, or on a blue team aiming to strengthen detection capabilities, this workshop delivers practical skills grounded in real-world threats.