Cyber RangeSecurity
Experiences

The Infection Core

Event Overview

The Infection Core is an intermediate‑level cyber defense challenge focused on reverse engineering, malware analysis, memory forensics, and cryptanalysis. Players are tasked with responding to an urgent incident: an autonomous cyber‑weapons division has lost control of a highly advanced malware project known as SHIVR, which has escaped onto the public web. Your mission is to track, analyze, and ultimately neutralize SHIVR before it compromises your own infrastructure—all while SHIVR actively works to counter your efforts. Tools utilized in the game include: 🔷IDA/Ghidra (disassemblers & reverse engineering suites) 🔷Wireshark (traffic analysis) 🔷John the Ripper (password cracking) 🔷GDB (debugging) 🔷Frequency Analysis utilities (cryptanalysis)

What to expect

A highly advanced autonomous cyber‑weapon known as SHIVR has escaped from its development lab and is now propagating across the public web. Your team has been activated to track it, dissect it, and neutralize it before it compromises our internal infrastructure or triggers a catastrophic outbreak. This is a high‑stakes, technically intense mission where every clue matters.
  • Investigate a custom-built malware incident: You’ll step into a realistic, narrative-driven scenario where SHIVR evolves and reacts as you uncover more about its behavior. Expect an environment that feels like a live incident—because that’s exactly what it’s built to emulate.
  • Analyze, decode, and dissect threats: Work hands‑on with reverse engineering, memory forensics, cryptanalysis, and network investigation challenges designed to stretch your technical depth and problem-solving skills.

Goals and Objectives

Strengthen participants’ ability to analyze and respond to advanced malware through a realistic scenario involving the escaped cyber‑weapon SHIVR. Attendees will practice reverse engineering, malware analysis, memory forensics, and cryptanalysis while using industry tools like Ghidra/IDA, Wireshark, and GDB. The objective is to help participants build confidence in dissecting complex threats, understanding infection chains, and making fast, accurate decisions under time pressure.

Who should attend?

Ideal for security analysts, threat hunters, incident responders, reverse engineers, and technical cybersecurity professionals who want hands‑on experience with real‑world malware investigation. Also suitable for students or practitioners looking to deepen their technical analysis skills in a challenging, guided environment.

Related content

Cyber Range

Unleash the power of WWT's innovation ecosystem to reduce cyber risk and increase time to value through rigorous testing, real-world training and hands-on learning.
ATC