Boomer - Lazarus Group

Boomer - Lazarus Group is a blue team lab in the Endpoint Forensics category. It covers the following tools and MITRE ATT&CK tactics: MemProcFS, Registry Explorer, Eric Zimmerman Tools, CyberChef, HxD, HexEditor, mimikatz, DB Browser for SQLite, DB Browser for SQLCipher, Event Log Explorer, Wireshark, IDA, x64dbg, Strings, Ghidra, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Command and Control, Exfiltration, Impact.

Learning Objectives

Correlate diverse forensic artifacts from memory, registry, browser, and NTFS logs using advanced tools like Mimikatz, Ghidra, and CyberChef to reconstruct a complex data breach and C2 infrastructure.

Categories: Endpoint Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Command and Control, Exfiltration, Impact.

Tools: MemProcFS, Registry Explorer, Eric Zimmerman Tools, CyberChef, HxD, HexEditor, mimikatz, DB Browser for SQLite, DB Browser for SQLCipher, Event Log Explorer, Wireshark, IDA, x64dbg, Strings, Ghidra.

Difficulty: insane.