Level: Basic to Intermediate

Duration: 64 hours

Table of Contents:

  • Introduction
  • Extra Lab Setup
  • Windows Logging
  • Sysmon
  • Logging Investigation
  • Logging: Attack Simulation
  • Windows Security
  • Lateral Movement and Persistence
  • Network Detection: General and Buffering
  • Network Detection: Suricata
  • Network Detection: Zeek
  • Elasticsearch
  • Elasticsearch Security and Integrations
  • Wazuh
  • Stack Integration
  • OSQuery
  • Graphical OSQuery
  • Velociraptor
  • Cuckoo Sandbox
  • Incident Response
  • Threat Information
  • Attack Overview
  • Common Tools
  • Live Response: Hunting Commands
  • Live Response: PowerShell Commands
  • Yara
  • E-mail Investigation
  • Memory Acquisition
  • Disk/File System: Acquisition and Analysis
  • Registry
  • Browser Forensics
  • Forensic Timeline
  • Miscellaneous
  • Malware Attack Simulation