Blue Team
-
Velociraptor: WALKTHROUGH
Velociraptor: In this room, we will explore Rapid7’s newly acquired tool known as Velociraptor. Per the official Velociraptor documentation, “Velociraptor is a unique, advanced…
-
Disgruntled: WALKTHROUGH
Hey, kid! Good, you’re here! Not sure if you’ve seen the news, but an employee from the IT department of one of…
-
Unattended: WALKTHROUGH
Welcome to the team, kid. I have something for you to get your feet wet. Our client has a newly hired employee…
-
Intro to Malware Analysis
Every once in a while, when you are working as a SOC analyst, you will come across content (a file or traffic) that seems…
-
TheHive Project
Welcome to TheHive Project Outline! This room will cover the foundations of using TheHive Project, a Security Incident Response Platform. Specifically,…
-
Kape: WALKTHROUGH
Revisiting Windows Forensics: In the Windows Forensics 1 and Windows Forensics 2 rooms, we learned about the different artifacts which store information about a user’s activity…
-
Windows Forensics 2: WALKTHROUGH
Introduction: We learned about Windows Forensics in the previous room and practiced extracting forensic artifacts from the Windows Registry. We learned about gathering system…
-
DFIR An Introduction: WALKTHROUGH
Learning Objectives: Security breaches and incidents happen despite the security teams trying their best to avoid them worldwide. The prudent approach in…
-
Benign: WALKTHROUGH
We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about Splunk and how to…