Presented at DEF CON 33 (2025), Aug. 10, 2025, 9 a.m. (240 minutes).
Real threats leave behind real artifacts — and in this hands-on workshop, we’ll combine malware development and analysis by safely recreating and dissecting a custom malware based on Lumma Stealer, one of today’s most active malware families. This approach is designed to support adversary emulation efforts by replicating real-world TTPs in a controlled environment, while also teaching participants how to detect and analyze each technique. Whether you're on a red or purple team looking to simulate attacker behavior, or on a blue team aiming to strengthen detection capabilities, this workshop delivers practical skills grounded in real-world threats.
Presenters:
- Sebastian Tapia
Sebastian breaks things to understand them—and sometimes to teach others how to do it better. He’s spent years in red teaming, malware reversing, and purple team exercises—learning how attackers think, and how defenders can think better. These days, he builds labs, breaks code, and shares what he learns so others can level up, too.
- Ricardo Sanchez
Ricardo Sanchez is an accomplished cybersecurity professional with a passion for empowering others through knowledge sharing. As a Security Architect at one of Peru's leading insurance companies, he specializes in designing innovative technology strategies for threat intelligence, detection engineering, and threat hunting to combat evolving cyber threats. Committed to lifelong learning, Ricardo thrives on analyzing malware and staying at the forefront of cybersecurity advancements.