AbuSESer - Trufflenet is a blue team lab in the Cloud Forensics category. It covers the following subjects: VirusTotal, CloudWatch, Execution, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Collection, Impact.
Learning Objectives
Investigate a complex Business Email Compromise attack by correlating AWS CloudTrail and Lambda logs in CloudWatch Logs Insights to reconstruct the attack timeline and attribute TTPs.