NerisBot is a blue team lab in the Threat Hunting category that covers the following subjects: Splunk, Command and Control.
Learning Objectives
Reconstruct the attack timeline by correlating Suricata and Zeek logs in Splunk to identify malicious IPs, C2 domains, targeted hosts, and file hashes.
Categories: Threat Hunting.
MITRE ATT&CK Tactics: Command and Control.
Tools: Splunk.
Difficulty: easy.