Syllabus

Here’s the syllabus for this workshop:

  • Environment Access
    • Pre-Access Setup
    • Creds
    • Lab Machines

  • Adversary Simulation
    • Task #1 - Working with Sliver
    • Task #2 - Creating and Using Implants
    • Task #3 - Initial Access
    • Task #4 - Interacting with Our Sessions
    • Task #5 - Persistence
    • Task #6 - Lateral Movement
    • Task #7 - Exfiltration
    • Task #8 - Ransomware (PowerShell)

  • SIEM Investigation
    • Task #1 - Alert Investigation
    • Task #2 - Investigation Queries

  • Investigation Tasks
    • Task #1 - Ransomware Detection
    • Task #2 - Evidence Extraction
    • Task #3 - User Program Execution
    • Task #4 - MOTW
    • Task #5 - Scheduled Tasks
    • Task #6 - Event Logs and Sysmon
    • Task #7 - PowerShell Activity
    • Task #8 - USN Journal
