Beta Gamer

Beta Gamer is a blue team lab in the Endpoint Forensics category. It covers the following subjects: Event Log Explorer, Registry Explorer, NTFS Log Tracker, MFTECmd, Timeline Explorer, EZ Tools, FTK Imager, Sysmon, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection, Command and Control.

Learning Objectives

Reconstruct an intrusion timeline by analyzing event logs, registry, file system, and network artifacts to identify attacker TTPs and data exfiltration.

Categories: Endpoint Forensics.

MITRE ATT&CK Tactics: Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection, Command and Control.

Tools: Event Log Explorer, NTFS Log Tracker, Registry Explorer, MFTECmd, Timeline Explorer, EZ Tools, Sysmon, FTK Imager.

Difficulty: medium.