Zoom Incident - Ignoble Scorpius APT

Zoom Incident - Ignoble Scorpius APT is a blue team lab in the Threat Hunting category. It covers the following tools and MITRE ATT&CK tactics: CyberChef, DB Browser for SQLite, Detect It Easy, Splunk, Epoch Converter, VirusTotal, Initial Access, Execution, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Command and Control, Exfiltration, Impact.

Learning Objectives

Correlate Sysmon events and forensic artifacts across multiple hosts using Splunk to reconstruct a full ransomware kill chain, from initial compromise to domain-wide impact.

Categories: Threat Hunting.

MITRE ATT&CK Tactics: Initial Access, Execution, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Command and Control, Exfiltration, Impact.

Tools: CyberChef, DB Browser for SQLite, Detect It Easy, Splunk, Epoch Converter, VirusTotal.

Difficulty: Hard.