Internews’ Greater Internet Freedom project developed a four-part course on the analysis of malicious documents in English (find here links for Part 1, Part 2, Part 3, and Part 4). The Infuse project and contributors have developed translations of the course in Arabic, Brazilian Portuguese, French, and Spanish, which can be found on this page. 

Credit for the development of the original course goes to Internews’ Greater Internet Freedom Project.

The translation into Brazilian Portuguese was led by Celso Bessa, with some translation and proofreading carried out by Heloisa Helena Averbach, with feedback and support from the members of the Malware Detection for Civil Society Organizations study group, in November and December 2024

Below is an introductory summary of the course:

This (mini) course is aimed at those digital security enthusiasts and practitioners (technical support, facilitators, first responders, etc.) who want to learn more about malicious documents and how to identify them. These documents can be email attachments, files on flash drives, or downloads from specific websites. The main goals are:

• Learn the basics of how common document formats work and how they can be weaponized, with special emphasis on Portable Document Format files (PDF) and Microsoft Office documents (from at least MS Word, Excel, and PowerPoint).
• Introduce a few tools that might help identify signs of dangerous documents or confirm that they are safe to open.
• Provide some security advice and clarify common doubts about handling suspicious files.