MrRobot

MrRobot is a blue team lab in the Endpoint Forensics category. It covers the following subjects: Volatility 3, Volatility 2, Rstudio, Initial Access, Execution, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration.

Learning Objectives

Reconstruct a multi-stage attack chain using Volatility Framework to analyze memory dumps, identifying malware, persistence, credential theft, lateral movement, and C2 communications across compromised systems.

Categories: Endpoint Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration.

Tools: Volatility 2, Volatility 3, Rstudio.

Difficulty: medium.