Simple Malware Creation for AV Testing


Note the new location at OpenWorks.

For parking and how to find us:

About the Presentation

This presentation covers how to create a simulation of the LockBit 3.0 ransomware using known indicators of compromise (IoCs). The non-malicious simulation is designed to trigger detections by Endpoint Detection and Response (EDR) and Antivirus (AV) systems, providing a practical exercise to enhance purple teaming skills. The simulation includes a simple Python-based listening server for command and control (C2) and a simulated malware component developed in Nim.


During this time anyone in attendance is free to share an update on a project or hobby they are working on.

CTF Planning

There will be a time to collaborate for those involved in planning capture the flag (CTF) events for up-coming conferences.