DeepDive is a blue team lab that falls under the Endpoint Forensics category and will cover the following subjects: Volatility 2, Execution, Privilege Escalation, Defense Evasion.
Learning Objectives
Analyze a memory dump with Volatility to uncover hidden Emotet malware, investigate its code injection, and reconstruct kernel-level evasion tactics like DKOM.