Syllabus
Here’s the syllabus for this workshop:
- Workshop
- Description
- Required Tasks
- Scope of Work
- How to Use Your Virtual Machine
- Start Virtual Lab
- Extending Lab Hours
- Shutdown Your VM
- VM Access
- Simulation Tasks
- Overview
- Task #1 – Getting Ready
- Task #2 – Working with Sliver
- Task #3 – Creating and Using Implants
- Task #4 – Interacting with Our Sessions
- Task #5 – Persistence
- Task #6 – Lateral Movement
- Task #7 – Execution and Exfiltration
- Task #8 – Ransomware
- Investigation Tasks
- Overview
- Task #1 – Ransomware Detection
- Task #2 – Evidence Extraction
- Task #3 – User Program Execution
- Task #4 – MOTW
- Task #5 – Scheduled Tasks
- Task #6 – Event Logs and Sysmon
- Task #7 – PowerShell Activity
- Task #8 – RDP Cache
- Task #9 – USNJournal
- Conclusion and Reflection
- Lessons Learned (Reflection)
- Important Event IDs
- References