ShadowRoast is a blue team lab that falls under the Threat Hunting category and will cover the following subjects: Event Log Explorer, Event Viewer, CyberChef, Splunk, EZ Tools, KAPE, Defense Evasion, Credential Access.
Learning Objectives
Investigate and analyze malicious activity in an Active Directory environment using log analysis and Splunk queries to identify initial access, persistence, lateral movement, and data exfiltration techniques.