Brave is a blue team lab in the Endpoint Forensics category that covers the following subjects: Volatility 3, HxD, CertUtil, Execution, Discovery, Command and Control.
Learning Objectives
Investigate Windows memory images using Volatility 3, PowerShell, and a hex editor to extract system artifacts, analyze processes and network connections, and reconstruct user activity.
Categories: Endpoint Forensics.
MITRE ATT&CK Tactics: Execution, Discovery, Command and Control.
Tools: Volatility 3, CertUtil, HxD.
Difficulty: medium.