ClickFix - VodkaStealer is a blue team lab that falls under the Threat Hunting category and will cover the following subjects: Registry Explorer, Splunk, FTK Imager, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Impact.
Learning Objectives
Synthesize forensic artifacts from event logs and disk images to reconstruct a multi-stage attack chain, detailing initial access, privilege escalation, lateral movement, and data exfiltration.