BlueSky Ransomware is a blue team lab in the Network Forensics category. It covers the following subjects: Event Log Explorer, CyberChef, Wireshark, Network Miner, Windows Event Viewer, VirusTotal, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Command and Control, Impact.
Learning Objectives
Reconstruct a BlueSky ransomware attack by analyzing network traffic, decoding PowerShell scripts, and examining persistence mechanisms to identify attacker tactics and IOCs.