Full-Stack Incident Response
With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.
Archived Videos: Black Hat Trainings 2021 (First section); Black Hat Trainings 2021 (Second section)
Archived Scores: Black Hat Trainings, 2021 (First section); Black Hat Trainings, 2021 (Second section)
Splunk Boss of the SOC
BOTSv1: Threat Hunting with Splunk (325 pts)
ATT&CK Matrix v9
Reference: ATT&CK Matrix v9 for Enterprise
ATT 1: ATT&CK Tactics (10 pts)
ATT 2: ATT&CK Techniques for Tactics 43, 42, & 1-3 (10 pts)
ATT 3: ATT&CK v9 Techniques for Tactics 4-6 (10 pts)
ATT 4: ATT&CK v9 Techniques for Tactics 7-9 (10 pts)
ATT 5: ATT&CK v9 Techniques for Tactics 11, 10, and 40 (10 pts)
ATT 6: ATT&CK v9 Groups (10 pts)
ATT 7: ATT&CK v9 Navigator (10 pts)
Windows and Linux Machines
IR 100: Windows and Linux Machines (20 pts)
Threat Intelligence
IR 380: STIX Threat Intelligence (35 pts)
IR 381: TAXII (15 pts)
IR 382: Cabby (40 pts)
IR 383: Squid (30 pts)
Velociraptor
IR 371: Velociraptor Server on Linux (25 pts)
IR 372: Investigating a PUP with Velociraptor (40 pts)
IR 373: Investigating a Bot with Velociraptor (50 pts)
IR 374: Investigating a Two-Stage RAT with Velociraptor (35 pts)
IR 370: Installing Velociraptor on Windows (30 pts)
Zeek
IR 350: Zeek Interactive Tutorial (59 pts)
IR 351: Installing and Using Zeek (25 pts)
Defending Windows
IR 301: Installing Splunk on a Windows Server (15 pts)
IR 330: Detecting Ransomware with Splunk and Sysmon (20 pts)
IR 303: Capturing RAM from a Process (15 pts)
IR 304: VirusTotal & Wireshark (35 pts)
IR 305: PacketTotal (45 pts)
IR 306: Yara (40 pts)
IR 307: Prefetch Forensics (15 pts)
ATT 100: Caldera (25 pts)
ATT 101: Caldera Operation (15 pts)
Defending Linux Servers
ED 200: Google Cloud Linux Server (15 pts)
IR 201: Splunk & Suricata (45 pts)
IR 202: Metasploit & Drupalgeddon (85 pts)
IR 308: osquery (15 pts)
Basics
H 101 - 104: Binary Games (40 pts)
Linux Unhatched: Free Course
ICSI | Certified Penetration Tester: Free Course
Command Line
LJ: Linux Journey (83 pts)
B: Bandit Challenges (69 pts)
U-Cen and U-Cyb: PowerShell (75 pts)
Networking
H 410: Nmap (40 pts)
H 420: Wireshark (110 pts)
H 430: Scapy (20 pts)
Making Your Own Windows VM (Optional)
Recommended: PMA 41: Windows 10 with Analysis Tools (20 pts)
Not Recommended: PMA 40: FLARE-VM (20 pts)
Alternative Local System: H 2: Windows 2016 Server Virtual Machine (15 pts)
Best Cloud System: PMA 60: Windows 10 on Azure Cloud (15 pts)
Alternate Cloud System: PMA 30: Windows 2016 Server on Google Cloud (15 pts)
Virtual Machine Resources
Practical Malware Analysis Samples
Hypervisors
VMware Player (for Windows hosts, free)
VMware Fusion (for Mac hosts, 30-day trial)
VirtualBox (free for all platforms)
Posted 6-16-2022