Description
There's a lot of talk about good and bad use of ChatGPT, but in this course we will dig into using ChatGPT to do some hands on introductory SOC analyst/incident response work, starting with basic packet analysis and moving to basic reverse engineering of a piece of malware. ChatGPT will be our guide as we do simple and intermediate level Wireshark packet analysis. We will reconstruct an entire attack and exfiltration campaign, then determine the exact commands used by the attacker. This work usually requires in-depth knowledge of SOC analyst and incident response tools, and of attack patterns in general, but we will see how having a subject matter expert create ChatGPT prompts to perform the investigation can make this a task something that even a novice SOC analyst would be able to complete. This will be a fun exercise, but remember to get your company's permission to do this in a environment or on a computer/virtual machine they approve of if using it at work. Since remnants of malware exist in the traffic, it could cause your antivirus or endpoint protection to alert.