Phishy is a blue team lab in the Endpoint Forensics category. It covers the following subjects: FTK Imager, Autopsy, Registry Explorer, DB Browser for SQLite, BrowsingHistoryView, PasswordFox, WhatsApp Viewer, oledump, VirusTotal, Hybrid Analysis, Initial Access, Execution, Command and Control.
Learning Objectives
Reconstruct an end-to-end phishing attack chain by analyzing disk image, registry, application, and browser artifacts using various forensic tools.
Categories: Endpoint Forensics.
MITRE ATT&CK Tactics: Initial Access, Execution, Command and Control.
Tools: FTK Imager, Autopsy, Registry Explorer, DB Browser for SQLite, BrowsingHistoryView, PasswordFox, WhatsApp Viewer, oledump, VirusTotal, Hybrid Analysis.
Difficulty: medium.