Threat Detection
-
Velociraptor: WALKTHROUGH
Velociraptor In this room, we will explore Rapid7’s newly acquired tool known as Velociraptor. Per the official Velociraptor documentation, “Velociraptor is a unique, advanced…
-
Intro to Malware Analysis
Every once in a while, when you are working as a SOC analyst, you will come across content (a file or traffic) that seems…
-
TheHive Project
Welcome to TheHive Project Outline! This room will cover the foundations of using the TheHive Project, a Security Incident Response Platform. Specifically,…
-
DFIR An Introduction: WALKTHROUGH
Learning Objectives Security breaches and incidents happen despite the security teams trying their best to avoid them worldwide. The prudent approach in…
-
Investigating With Splunk: WALKTHROUGH
SOC Analyst Johny has observed some anomalous behaviours in the logs of a few windows machines. It looks like the adversary has access to some…
-
Splunk Incident Handling: WALKTHROUGH
This room covers an incident Handling scenario using Splunk. An incident from a security perspective is “Any event or action, that has…
-
Splunk:Basics: WALKTHROUGH
Splunk is one of the leading SIEM solutions in the market that provides the ability to collect, analyze and correlate the network and machine…
-
ItsyBitsy (ELK): WALKTHROUGH
In this challenge room, we will take a simple challenge to investigate an alert by IDS regarding a potential C2 communication. Room Machine Before…
-
ELK 101: WALKTHROUGH
In this room, we will learn how to utilize the Kibana interface to search, filter, and create visualizations and dashboards, while investigating VPN logs…