Practical Malware Analysis
Hack The Bay 3.0
Mar 23, 2026
Enter Flags
·
Scoreboard
·
Details
AI Agents
The Easy Way
ED 33: Ubuntu Linux Desktop (10 pts)
ML 135: OpenClaw on Ubuntu Linux (15 pts)
ML 136: OpenClaw: exec and Email (20 pts)
ML 137: OpenClaw: Web Browsing and Remote Access (20 pts)
Harder
ML 123: Running Llama 3 Locally (15 pts)
ML 133: MCP with Claude (15 pts)
H 112: Cloudflare Quick Tunnel (25 pts)
ML 134: IronClaw on Ubuntu Linux (15 pts)
Prepare a Windows VM
#1
PMA 41: Windows 11 with Analysis Tools
20
Alternative Local System
ED 32: Windows Virtual Machine
15 extra
Best Cloud System
PMA 60: Windows 11 on Azure Cloud
15 extra
Alternate Cloud System
PMA 30: Windows Server on Google Cloud
15 extra
Malware Analysis
#2
PMA 101: Basic Static Techniques
20 + 30 extra
F 211: Memory Forensics of LastPass and Keeper
25 extra
PMA 110: capa
15 extra
#3
PMA 221: Basic Dynamic Analysis
30 + 30 extra
PMA 222: Making a Windows Keylogger
10 extra
PMA 230: Insecure Notepad++ Update
20 extra
Debugging
PMA 301: x86 Assembler with Jasmin
10 + 10 extra
PMA 340: Windows ARM Executable
15 extra
#4
PMA 401. Simple EXE Hacking with Ollydbg
30 + 90 extra
PMA 402: Hacking Minesweeper with Ollydbg
15 + 30 extra
PMA 404: Adding Code to an EXE in a New Section
20 extra
PMA 405: Monitoring Windows API Calls with WinDbg
15 extra
PMA 406: Using Ghidra and OllyDbg to Find a Salt
15 extra
PMA 407: Scripting in OllyDbg
20 extra
PE Files and DLLs
PMA 105: Process Explorer
10
#5
PMA 102: Unpacking
25
#6
PMA 121: Unpacking with OllyDbg and pestudio
20 + 30 extra
PMA 122: PE Headers
10 + 40 extra
PMA 123: Importing DLLs
15 + 30 extra
PMA 124: DLL Hijacking
15
PMA 125: Installing Visual Studio
Not needed for Win 11 w Tools VM
10 extra
PMA 126: DLL Proxying
20
DOT NET
#7
PMA 132: Reversing a .NET Executable
40 extra
ED 330: Using C# DOT NET
20 extra
ED 331: Dot Net Reflector
45 extra
Rust
ED 30: Linux Virtual Machine
15 extra
H 201: Google Cloud Linux Server
10 extra
R 10: Rust Basics, Overflows, & Injection
35 extra
R 20: Dangling Pointers & Memory Leaks in Rust
35 extra
Kernel Debugging
PMA 430: The New WinDbg
15
PMA 431: WinDbg: Source-Level Debugging
10
PMA 432: WinDbg Preview: Kernel Debugging
15 + 20 extra
PMA 433: Kernel Debugging with Breakpoints
30 extra
PMA 434: Debugging a Driver
30 extra
Bootkits
PMA 420: Bootkit Analysis with Bochs
15 extra
PMA 421: Understanding the MBR
70 extra
TPM 1: Trusted Platform Modules on Windows
15 extra
Disassembly
PMA 303: IDA Pro
20 + 20 extra
PMA 304: C Constructs in Assembly
15
PMA 510: Starting with Ghidra
10 extra
PMA 511: Ghidra Data Displays
40 extra
Windows Memory Protections
ED 301: Windows Stack Protection I: Assembly Code
15 extra
ED 302: Windows Stack Protection II: Exploit Without ASLR
15 extra
ED 303: Windows Stack Protection III: Limitations of ASLR
15 extra
ED 310: Windows Mitigations
10 extra
H 540: RDP and Old Passwords
15 extra
Assembly Language
Prepare a Linux VM
ED 30: Linux Virtual Machine
15 extra
H 201: Google Cloud Linux Server
10 extra
ASM 100: Basics
69 extra
ASM 104: Bases & Printing
40 extra
ASM 105: ASCII
20 extra
ASM 110: Gdb
30 extra
ASM 120: Files
55 extra
ASM 200: Caesar Cipher
35 extra
ASM 210: XOR
20 extra
Virtual Machine Resources
Download Textbook Labs Here
Hypervisors
VMware Workstation (for Windows hosts, free)
VMware Fusion (for Mac hosts, free)
VirtualBox (free for all platforms)
Posted 3-22-26
Updated 7:41 am 3-23-26
