Hafnium APT is a blue team lab that falls under the Threat Hunting category and will cover the following subjects: ELK, Execution, Privilege Escalation, Defense Evasion, Credential Access.
Learning Objectives
Correlate Windows Defender, Sysmon, and Security logs in Elastic Stack to reconstruct HafinumAPT's initial access, persistence, and lateral movement TTPs.