Cyber Blue Team labs, CTF challenges, DFIR, and SOC tools

Sort

Easy Retired

Ramnit

Endpoint Forensics

4.6 (1536)

Memory … Volatil… VirusTo…

Medium Retired

Trickbot

Threat Intel

4.6 (70)

Malware… Threat … VirusTo…

Hard Retired

Brutal Tank

Threat Hunting

4.7 (50)

SIEM Arkime PCAP

Hard Retired

Zerologon

Endpoint Forensics

4.8 (133)

Disk Fo… Active … Phishing

Medium Retired

TheTruth

Endpoint Forensics

4.6 (45)

spyware Phishing Android

Medium Retired

OpenWire

Network Forensics

4.5 (1493)

PCAP Wiresha… CVEs

Medium Retired

QBot

Endpoint Forensics

4.6 (167)

Memory … Volatil… Trojan

Medium Retired

LockBit

Endpoint Forensics

4.7 (185)

Disk Fo… Ransomw… LockBit

Medium Retired

GoogleCloudHunt

Cloud Forensics

4.5 (174)

Google … Bucket Google …

Medium Retired

EcomBreach

Endpoint Forensics

4.7 (91)

Disk Fo… Apache2 Log Ana…

Medium Retired

MSI

Malware Analysis

4.6 (70)

VirusTo… CyberCh… Windows…

Medium Retired

Kerberoasted

Threat Hunting

4.7 (295)

SIEM Elastic Splunk

1
2
3
4
5
6 (current)
7
8
9
10
11
12
13
14
15

Blue Team CTF Challenges

Difficulty

Category

MITRE Tactic

Type

Sort

Ramnit

Trickbot

Brutal Tank

Zerologon

TheTruth

OpenWire

QBot

LockBit

GoogleCloudHunt

EcomBreach

MSI

Kerberoasted