This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 4.1 of Malicious Web & Document Files
Drive-by download infection chains, exploit kits, five URL deception techniques with detection methods, safe investigation tools, Traffic Distribution Systems, and a structured URL analysis documentation workflow.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
URLScan.io — Safe URL Sandbox
Submit any URL for sandboxed analysis. Captures screenshots, HTTP transactions, JavaScript behaviour, and contacted infrastructure without risk.
WHOIS Lookup — ICANN
Official ICANN WHOIS lookup. Check domain registration date and registrar for any suspicious domain.
MITRE ATT&CK — Drive-by Compromise (T1189)
ATT&CK entry for drive-by compromise with real-world examples, detection guidance, and mitigation strategies.
Quadrant 4 · Self-Assessment
Malicious Web & Document Files
Covers drive-by download attacks, JavaScript de-obfuscation, malicious PDF analysis, RTF exploitation, and Microsoft Office macro malware.
REMA Complete Assessment
A comprehensive 120-question assessment covering the entire Reverse Engineering and Malware Analysis curriculum: malware taxonomy and reverse engineering fundamentals, static and dynamic analysis, reversing malicious code, malicious web and document files, in-depth analysis of packed and fileless malware, and self-defending malware techniques.