TeamSpy

TeamSpy is a blue team lab in the Endpoint Forensics category. It covers the following tools and MITRE ATT&CK tactics: Volatility 2.6, OSTviewer, OfficeMalScanner, dotnetfiddle, VirusTotal; Initial Access, Execution, Persistence, Command and Control, Exfiltration.

Learning Objectives

Reconstruct the attack timeline by analyzing memory dumps and suspicious document files using Volatility, OfficeMalScanner, and VirusTotal.
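As an added example (not code from the lab or from any of the tools it lists), the script below turns Volatility 2.6 `pslist` output into a process timeline and flags every process descended from an Office application, which is the usual pivot from a malicious document to execution. The `pslist` text is constructed for the example and only assumed to match the Volatility 2.6 column layout; the process names, PIDs and timestamps are invented.

```python
"""Build a process timeline from Volatility 2.6 `pslist` output.

Added example, not part of the TeamSpy lab. SAMPLE_PSLIST is constructed
to mimic the column layout of `vol.py -f mem.raw --profile=... pslist`;
every name, PID and timestamp in it is invented.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

# Constructed sample output (assumed Volatility 2.6 pslist layout).
SAMPLE_PSLIST = """\
Offset(V)          Name                    PID   PPID   Thds     Hnds   Sess  Wow64 Start                          Exit
------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------
0xfffffa8000ca4b30 System                    4      0     86      578 ------      0 2021-03-01 09:00:01 UTC+0000
0xfffffa8001a3c060 explorer.exe           1832   1788     31      901      1      0 2021-03-01 09:02:14 UTC+0000
0xfffffa8001e21b30 WINWORD.EXE            2740   1832     12      412      1      1 2021-03-01 09:15:33 UTC+0000
0xfffffa8001f10060 powershell.exe         2912   2740      9      310      1      1 2021-03-01 09:15:41 UTC+0000
0xfffffa80020a4b30 updater.exe            3104   2912     18      520      1      1 2021-03-01 09:16:05 UTC+0000   2021-03-01 09:40:12 UTC+0000
"""

# Office hosts whose children deserve a second look (Initial Access -> Execution).
OFFICE_HOSTS = {"WINWORD.EXE", "EXCEL.EXE", "POWERPNT.EXE", "OUTLOOK.EXE"}

_TS = r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} UTC\+0000"
_ROW = re.compile(
    r"^0x[0-9a-fA-F]+\s+(?P<name>\S+)\s+(?P<pid>\d+)\s+(?P<ppid>\d+)\s+"
    r"(?:\S+\s+){4}"                       # Thds, Hnds, Sess, Wow64 (not used here)
    rf"(?P<start>{_TS})(?:\s+(?P<exit>{_TS}))?\s*$"
)


@dataclass(frozen=True)
class Proc:
    name: str
    pid: int
    ppid: int
    start: datetime
    exit: Optional[datetime]


def _ts(text: str) -> datetime:
    """pslist prints EPROCESS CreateTime/ExitTime as 'YYYY-MM-DD HH:MM:SS UTC+0000'."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S UTC+0000").replace(tzinfo=timezone.utc)


def parse_pslist(text: str) -> List[Proc]:
    """Parse pslist rows; header, separator and blank lines are skipped."""
    procs = []
    for line in text.splitlines():
        m = _ROW.match(line)
        if not m:
            continue
        procs.append(Proc(
            name=m["name"], pid=int(m["pid"]), ppid=int(m["ppid"]),
            start=_ts(m["start"]),
            exit=_ts(m["exit"]) if m["exit"] else None,
        ))
    return procs


def build_timeline(procs: List[Proc]) -> List[Proc]:
    """Order processes by creation time (PID breaks ties) to read the attack chronologically."""
    return sorted(procs, key=lambda p: (p.start, p.pid))


def ancestry(procs: List[Proc], pid: int) -> List[str]:
    """Parent chain from the oldest known ancestor down to `pid`.

    The chain stops when a PPID is not in the listing (parent exited or was
    hidden); a seen-set guards against cycles caused by PID reuse.
    """
    by_pid = {p.pid: p for p in procs}
    chain, seen = [], set()
    cur = by_pid.get(pid)
    while cur is not None and cur.pid not in seen:
        seen.add(cur.pid)
        chain.append(cur.name)
        cur = by_pid.get(cur.ppid)
    return list(reversed(chain))


def office_spawned(procs: List[Proc]) -> List[int]:
    """PIDs (in timeline order) of non-Office processes with an Office host in their ancestry."""
    flagged = []
    for p in build_timeline(procs):
        parents = ancestry(procs, p.pid)[:-1]
        if p.name.upper() not in OFFICE_HOSTS and any(a.upper() in OFFICE_HOSTS for a in parents):
            flagged.append(p.pid)
    return flagged


if __name__ == "__main__":
    procs = parse_pslist(SAMPLE_PSLIST)
    for p in build_timeline(procs):
        ended = f" exited {p.exit:%H:%M:%S}" if p.exit else ""
        print(f"{p.start:%Y-%m-%d %H:%M:%S}  {p.pid:>5}  {' > '.join(ancestry(procs, p.pid))}{ended}")
    print("Office-descended PIDs:", office_spawned(procs))
```

Two caveats apply when using this against a real dump: `pslist` walks the linked EPROCESS list, so a process that was unlinked to hide itself only shows up in `psscan`, and an exited parent leaves the chain truncated at the orphan, which is itself worth noting in the timeline.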

Categories: Endpoint Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Command and Control, Exfiltration.

Tools: Volatility 2.6, OSTviewer, OfficeMalScanner, VirusTotal, dotnetfiddle.

Difficulty: hard.