Maranhao is a blue team lab in the Endpoint Forensics category. It covers the following subjects: Event Log Explorer, DB Browser for SQLite, Registry Explorer, EvtxECmd, FTK Imager, PECmd, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Collection.
Learning Objectives
Investigate a trojanized game installer by analyzing browser history, logs, registry hives, and filesystem artifacts to map the full attack chain and extract IOCs.