Completed Labs: Certified CyberDefender Training and Certification Progress
Creating a decoy file with canary tokens and using this tool to plant traps in production systems.
RITA settings and usage, and how to use it to detect DNS tunneling and beaconing traffic and to generate reports.
Velociraptor deployment and interface, artifact collections, and the capture of a memory dump for an infected process.
Understanding OSSEC's architecture and configs, and utilizing it to detect web shells, persistence, and privilege escalation.
Email Security Controls
Explore email authentication mechanisms, specifically SPF, DKIM, and DMARC. Engage in hands-on exercises to configure and validate these mechanisms for email security.
Microsoft Sentinel SIEM
Querying stored logs, developing Sentinel workbooks, creating analytics, investigating an incident, and integrating threat intelligence feeds.
Performing different types of scans and exporting a detailed report of the discovered vulnerabilities.
Suricata settings, logs, analyzing a PCAP and matching it to signatures, detecting malicious traffic using Suricata as an IDS, and writing custom signatures.
Sysmon's configuration and event types, and how to write a custom config and block executable files.
Completed Challenges: BlueYard Progress