January 2025
-
TheHive Project
Welcome to TheHive Project Outline! This room will cover the foundations of using TheHive Project, a Security Incident Response Platform. Specifically,…
-
Kape: WALKTHROUGH
Revisiting Windows Forensics: In the Windows Forensics 1 and Windows Forensics 2 rooms, we learned about the different artifacts which store information about a user’s activity…
-
Windows Forensics 2: WALKTHROUGH
Introduction: We learned about Windows Forensics in the previous room and practiced extracting forensic artifacts from the Windows Registry. We learned about gathering system…
-
DFIR An Introduction: WALKTHROUGH
Learning Objectives: Security breaches and incidents happen despite the security teams trying their best to avoid them worldwide. The prudent approach in…
-
Benign: WALKTHROUGH
We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about Splunk and how to…
-
Investigating With Splunk: WALKTHROUGH
SOC Analyst Johny has observed some anomalous behaviours in the logs of a few Windows machines. It looks like the adversary has access to some…
-
BlackBox UploadVuln
We'll look at this as a step-by-step process. Let's say that we've been given a website to perform a security audit on.…
-
Splunk Incident Handling: WALKTHROUGH
This room covers an incident handling scenario using Splunk. An incident from a security perspective is “Any event or action, that has…
-
Splunk: Basics: WALKTHROUGH
Splunk is one of the leading SIEM solutions in the market that provides the ability to collect, analyze and correlate the network and machine…