Blue Team Labs

Put your knowledge into practice with gamified cyber security challenges.

Join for Free

Boss Of The SOC v3

PREMIUM

Threat Hunting

hard

Apply Splunk search queries to extract information and answer questions from provided log data.

Boss Of The SOC v2

PREMIUM

Threat Hunting

hard

Apply Attack-Based Hunting methodology using Splunk to analyze and correlate diverse network and host logs, identifying multiple distinct cyberattack scenarios.

Ignoble Scorpius APT

PREMIUM

Threat Hunting

insane

Apply Attack-Based Hunting principles to Splunk logs, correlating Windows and Sysmon data to identify and reconstruct a multi-stage ransomware attack.

Boomer - Lazarus Group

PREMIUM

Endpoint Forensics

insane

Correlate diverse forensic artifacts from memory, registry, browser, and NTFS logs using advanced tools like Mimikatz, Ghidra, and CyberChef to reconstruct a complex data breach and C2 infrastructure.

TeamCity Exploit - APT29

PREMIUM

Threat Hunting

insane

Correlate Splunk logs and host forensic artifacts from triage images to reconstruct a multi-stage TeamCity compromise and identify attacker TTPs.

Phobos

Malware Analysis

insane

Analyze the Phobos ransomware executable to identify its core behavior, encryption methods, and extract actionable indicators of compromise (IOCs).