Latrodectus – LunarSpider is a blue team lab in the Threat Hunting category. It covers the following subjects: DB Browser for SQLite, Registry Explorer, MFTECmd, Timeline Explorer, Splunk, Eric Zimmerman Tools, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration.
Learning Objectives
Correlate Splunk Sysmon logs and disk forensic artifacts across multiple hosts to reconstruct a multi-stage Latrodectus malware intrusion from initial access to data exfiltration.