u/Cautious_Low_112

First malware analysis — looking for sample recommendations and advice

Hey everyone, I'm a second-year cybersecurity student getting into malware analysis for the first time. I've set up a FLARE VM lab and have been going through some samples from MalwareBazaar.

I picked an AgentTesla sample as my first but it turned out to be a mislabeled Turkish game — got some interesting obfuscated strings out of it but nothing conclusively malicious.

Looking for:

  1. What sample do you recommend for a first proper analysis? Ideally something recent, .NET based, and not too exotic so I can cross-reference public writeups after I finish mine.

  2. Any advice on workflow or things you wish you knew on your first analysis?

Tools I have: PEStudio, DIE, dnSpy, x64dbg, ProcMon, Process Hacker, Wireshark — all on FLARE VM with host-only networking.

reddit.com
u/Cautious_Low_112 — 7 days ago
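An added example for this thread, not the poster's code: a Python static-triage pass that settles, without executing anything, the questions the mislabeled sample raises. It computes the SHA-256 to cross-check against the MalwareBazaar entry, parses the PE headers by hand to report architecture and whether a CLR runtime header is present (data directory 14, the same thing DIE and PEStudio key on when they call a file .NET), and pulls printable strings, decoding the ones that are only base64 rather than real obfuscation. The sample bytes, the URL, and the function names in it are constructed so it runs offline; pass a real sample path as the first argument to run it on a download inside the VM.

```python
"""Static triage of a PE sample before it is opened in dnSpy or x64dbg.

Added example for this thread, not the poster's code. Without running the
file it answers: is it really a PE, which architecture, is it .NET (non-zero
CLR header in data directory 14), and which "obfuscated" strings are just
base64? The sample bytes are constructed in-script, so it runs offline."""
import base64
import hashlib
import re
import struct
import sys

MACHINES = {0x014C: "x86", 0x8664: "x64", 0x01C4: "arm", 0xAA64: "arm64"}
CLR_DIRECTORY_INDEX = 14  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
B64_RE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")


def parse_pe(data: bytes) -> dict:
    """Walk DOS -> NT -> optional header; report machine and CLR directory."""
    info = {"is_pe": False, "arch": None, "is_dotnet": False, "sections": 0}
    if len(data) < 0x40 or data[:2] != b"MZ":
        return info
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        return info
    machine, nsections = struct.unpack_from("<HH", data, pe_off + 4)
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]
    opt = pe_off + 24
    if opt_size < 2 or opt + opt_size > len(data):
        return info
    magic = struct.unpack_from("<H", data, opt)[0]
    # PE32 and PE32+ place NumberOfRvaAndSizes / DataDirectory at different offsets.
    layouts = {0x10B: (92, 96), 0x20B: (108, 112)}
    if magic not in layouts:
        return info
    ndirs_off, dirs_off = layouts[magic]
    info.update(is_pe=True, arch=MACHINES.get(machine, hex(machine)), sections=nsections)
    clr_off = opt + dirs_off + CLR_DIRECTORY_INDEX * 8
    if clr_off + 8 <= len(data):
        ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
        rva, size = struct.unpack_from("<II", data, clr_off)
        info["is_dotnet"] = ndirs > CLR_DIRECTORY_INDEX and rva != 0 and size != 0
    return info


def extract_strings(data: bytes, min_len: int = 6) -> list:
    """Printable-ASCII runs, the same thing `strings` and PEStudio show."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def decode_base64_candidates(strings: list) -> dict:
    """Map base64-looking strings to their plaintext when they decode cleanly."""
    decoded = {}
    for s in strings:
        try:
            raw = base64.b64decode(s, validate=True) if B64_RE.match(s) else b""
        except ValueError:  # bad alphabet or padding: not base64 after all
            continue
        if raw and all(0x20 <= b < 0x7F for b in raw):
            decoded[s] = raw.decode("ascii")
    return decoded


def triage(data: bytes) -> dict:
    """Hash, header facts and strings: the record to keep before any dynamic step."""
    report = parse_pe(data)
    report["sha256"] = hashlib.sha256(data).hexdigest()  # cross-check with the MalwareBazaar entry
    report["strings"] = extract_strings(data)
    report["decoded"] = decode_base64_candidates(report["strings"])
    return report


def build_sample_pe(dotnet: bool) -> bytes:
    """Constructed minimal PE32 (not a real binary) with one section of strings."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)               # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)  # i386, 1 section
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                             # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                               # NumberOfRvaAndSizes
    if dotnet:  # a non-zero CLR entry is what DIE/PEStudio key on to call a file .NET
        struct.pack_into("<II", opt, 96 + CLR_DIRECTORY_INDEX * 8, 0x2008, 0x48)
    body = b"\0" + b"\0".join([b"This program cannot be run in DOS mode.", b"mscoree.dll",
                               base64.b64encode(b"https://example.invalid/gate.php"),  # constructed C2-style URL
                               b"GetDelegateForFunctionPointer"])
    raw_off = 0x40 + 4 + 20 + 0xE0 + 40
    section = struct.pack("<8sIIIIIIHHI", b".text\0\0\0", len(body), 0x1000,
                          len(body), raw_off, 0, 0, 0, 0, 0x60000020)
    return dos + b"PE\0\0" + coff + bytes(opt) + section + body


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(True)
    report = triage(data)
    print({k: report[k] for k in ("sha256", "is_pe", "arch", "is_dotnet", "sections")})
    print("decoded:", report["decoded"])
```

The base64 pass is deliberately strict (`validate=True`, printable plaintext only) so that ordinary identifiers such as `GetDelegateForFunctionPointer`, which match the base64 alphabet but have the wrong length, are rejected rather than reported as decoded junk.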
▲ 1 r/SecurityCareerAdvice+1 crossposts

Seeking CV feedback and also genuinely want to know if I should be worried about AI eating this field

Cybersecurity Researcher | Kuala Lumpur, Malaysia
Portfolio: https://atank.vercel.app

EDUCATION

BSc (Hons) Cybersecurity, Asia Pacific University (APU)
Sept 2024 – Present | CGPA: 3.59 | First Year GPA: 3.44 (Sem 1: 3.42, Sem 2: 3.47)

Foundation in Computing, Asia Pacific University (APU)
Sept 2023 – Jul 2024 | GPA: 3.70 (Sem 1: 3.61, Sem 2: 3.78, Sem 3: 3.70)

WORK EXPERIENCE

Backend Developer, SAMAS Gamify (2022–2023)
Assisted in backend development within an AWS environment (Lambda, PostgreSQL).

PROJECTS

Hardware Security Assessment: $10 IoT Camera

ZTE ZXHN H298A Home Gateway Hardware Recon & Boot Process Analysis (Feb 2026)
Security research on a consumer router via UART serial access. Conducted boot process analysis, filesystem extraction, and network service enumeration (Nmap, SSL enumeration, web fingerprinting).

HackTheBox Imagery (Medium Machine) Nov 2025

HackTheBox Pterodactyl (Medium Machine) Mar 2026

HackTheBox SimpleEncryptor (Reverse Engineering Challenge) Mar 2026
Static analysis using Ghidra to reverse a custom encryption algorithm.

HTB Neurogrid CTF Silent Oracle (Reverse Engineering) Dec 2025

CTF COMPETITION RESULTS

HackTheBox Hack The Boo 2025: The Hollowing — 253rd of 2,893 participants
HackTheBox Neurogrid CTF: Human-Only — 130th of 1,337 participants

TOOLS & SKILLS

Ghidra, Burp Suite, Nmap, LinPEAS, Saleae Logic Analyzer, GitHub
Hardware: UART serial access, RF modules (ESP32, nRF24), logic analysis
OS: Arch Linux (primary), Linux administration
Languages: Python, Bash (scripting/automation)
Web: Web development, web exploitation fundamentals

CERTIFICATIONS

Red Hat System Administration I (RH124)
Red Hat System Administration II (RH134)
CCNA: Introduction to Networking
CCNA: Switching, Routing, and Wireless Essentials

EXTRACURRICULAR

Founder & Lead — KASHF Vulnerability Research Collective, APU (2025–Present) Student-led security research club organized into departments covering Reverse Engineering, Web Exploitation, Cryptography, Hardware, Forensics, AD/Windows, Vulnerability Demonstration, and Bug Bounty.

ACADEMIC ACHIEVEMENTS

IGCSE: 3A+, 2A, 1B, 1C
IELTS: Band 7.0

u/Cautious_Low_112 — 26 days ago