LNKTrap

LNKTrap is a blue team lab that falls under the Threat Hunting category and will cover the following subjects: CyberChef, Splunk, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Command and Control.

Learning Objectives

Reconstruct a targeted cyber attack's timeline by analyzing event logs, process data, and network data in Splunk to identify initial access, persistence, privilege escalation, and command and control (C2).

Categories: Threat Hunting.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Command and Control.

Tools: Splunk, CyberChef.

Difficulty: medium.