HawkEye is a blue team lab in the Network Forensics category. It covers the following subjects: Wireshark, Brim, Apackets, MaxMind Geo IP, VirusTotal, Initial Access, Execution, Defense Evasion, Credential Access, Discovery, Collection, Command and Control, Exfiltration.
Learning Objectives
Reconstruct a HawkEye Keylogger data exfiltration incident by analyzing network traffic with Wireshark and CyberChef, identifying IoCs and stolen credentials.