HoneyBOT is a blue team lab in the Network Forensics category that covers the following subjects: Wireshark, Brim, NetworkMiner, scdbg, Libemu (sctest), IP LookUp, Initial Access, Execution, Privilege Escalation, Defense Evasion, Command and Control.
Learning Objectives
Reconstruct a network intrusion by analyzing PCAP traffic with Wireshark, identifying a CVE-2003-0533 exploit, extracting malware, and performing shellcode analysis with scdbg to uncover attacker techniques and IOCs.