Virus Defense Lab

25 Ethical, Simulation-Only Malware Labs

Lab 1: Ethics & Authorization

Understand why malware testing must be authorized and controlled.

Lab 2: What Is a Virus?

Learn how viruses differ from worms, trojans, and ransomware.

Lab 3: Virus Life Cycle

Study infection, execution, replication, and payload phases.

Lab 4: Infection Vectors

Email attachments, USB devices, downloads, and macros.

Lab 5: File Extension Abuse

How double extensions trick users (e.g., file.pdf.exe).

Lab 6: Indicators of Infection

CPU spikes, unknown processes, and file changes.

Lab 7: System File Masquerading

Why viruses mimic legitimate OS files.

Lab 8: Registry Persistence

Startup keys and auto-execution techniques.

Lab 9: Scheduled Task Abuse

Maintaining persistence using task schedulers.

Lab 10: USB Propagation

How removable media spreads infections.

Lab 11: Macro Viruses

Office macros as a common infection vector.

Lab 12: Memory-Resident Viruses

How malware hides in system memory.

Lab 13: Signature-Based Detection

How antivirus identifies known malware.

Lab 14: Heuristic Detection

Detecting unknown viruses through behavior.

Lab 15: False Positives

When security tools make mistakes.

Lab 16: Sandbox Analysis

Safely observing malware behavior.

Lab 17: Containment Strategy

Isolating infected systems quickly.

Lab 18: Quarantine & Removal

Cleaning systems without data loss.

Lab 19: Incident Response Flow

Detect → Contain → Eradicate → Recover.

Lab 20: Logging & Monitoring

Why logs are critical for detection.

Lab 21: User Awareness Training

Reducing infections through education.

Lab 22: Least Privilege

Why users should not run as admin.

Lab 23: Patch Management

Closing vulnerabilities before exploitation.

Lab 24: Defense in Depth

Layered security controls.

Lab 25: Final Capstone – Virus Defense Strategy

Create a complete virus prevention and response plan.

CTF{DEFENSE_IN_DEPTH_WINS}