Blue Team Labs

Learn to use Splunk for detecting, analyzing, and investigating cybersecurity threats through log analysis, threat hunting, privilege escalation, lateral movement, and advanced attack techniques.

Learn to perform Chromebook forensic analysis using tools like DB Browser and Notepad++, focusing on user artifacts, browser data, downloads, and Google Takeout for digital investigations.

Reconstruct a multi-stage attack chain using Volatility Framework to analyze memory dumps, identifying malware, persistence, credential theft, lateral movement, and C2 communications across compromised systems.

Investigate a simulated multi-stage attack to identify compromise and attacker activity using Elastic SIEM.

Reconstruct a HawkEye Keylogger data exfiltration incident by analyzing network traffic with Wireshark and CyberChef, identifying IoCs and stolen credentials.

Reconstruct a Linux intrusion by analyzing forensic images, system logs, and custom scripts to identify brute-force, privilege escalation, persistence, and exfiltrated data.

Reconstruct initial access, system modifications, and persistence on a compromised Linux server by analyzing disk images and cracking passwords.

Analyze Android disk images using SQLite, Python, and log analysis to reconstruct user activity and extract key forensic artifacts.

Analyze a disk image to investigate multiple forensic cases by examining registry, event logs, and email artifacts using specified forensic tools.

Analyze various Linux system logs using grep, awk, and sed to identify attacker TTPs, persistence, and reconstruct the attack timeline.