This workshop is a crash course for anyone wanting to detonate malware and set up Cuckoo Sandbox. Students will receive hands-on experience in Cuckoo Sandbox’s malware analysis, reverse-engineering, and forensic capabilities. By providing step-by-step instructions during setup and first-time use, this workshop aims to remove the complexity and initial frustrations of setting up Cuckoo Sandbox alone.

To help students gain familiarity with Cuckoo Sandbox’s rich feature set, the workshop is divided into two parts:

1. Building a Cuckoo environment
2. Using the environment on malware

After walking students through the setup process, the instructor will provide targeted learning exercises that will allow students to demo their malware sandboxes by detonating live malware samples. During the detonation phase, the instructor will briefly review lessons in basic malware triage and dynamic malware analysis.

Although online guides for Cuckoo Sandbox may provide setup instructions, they do not offer in-depth tutorials on additional features or provide user support and feedback. This workshop will address these issues by teaching students malware triage and detonation techniques and by giving attendees real-time assistance from a qualified instructor. Students who attend this workshop will gain the confidence to set up Cuckoo Sandbox and perform malware triage on their own.

Security Analyst Mark Demarest is set to present the workshop Cuckoo Sandbox Setup: Malware Detection Through Detonation at CircleCityCon 6.0 in Indianapolis.