HackTheBox - Intro to Blue Team - One Thing Learned From All 9 Labs

One Thing I learned from EVERY ‘Intro to Blue Team’ HackTheBox Lab!:

In this video, I go through each lab in the HackTheBox ‘Intro to Blue Team’ track. This track was created by HackTheBox and provides nine excellent, beginner friendly DFIR and SOC labs that can be investigated fully offline.

These boxes cover a few of the core concepts, tools and methodologies necessary to be an effective SOC Analyst and give you a good taste of what the process of DFIR actually looks like.

The labs featured in this Track are:

Chase — Forensics, PCAP analysis.
Event Horizon — Forensics, Phishing investigation.
Export — Forensics, Memory analysis.
Insider — Forensics, insider threat analysis
Logger — Hardware forensics, USB log analysis.
Lure — Forensics, OLE.
No Place To Hide — Forensics, RDP Bitmap cache analysis.
Persistence — Forensics,
Ransom — Reverse Engineering, ransomware analysis.

By darkyolks originally published on January 27, 2024.

BlueTeamLabsOnline - 'Sam' Lab - Video Walkthrough

TryHackMe - 'Volt Typhoon' Walkthrough - Medium

A guided walkthrough of the TryHackMe lab/room called Volt Typhoon. Investigating Splunk logs to track the APT's tactics, techniques and procedures leveraging the MITRE ATT&CK framework.

TryHackMe 'Extracted' Walkthrough - Medium

A walkthrough of the TryHackMe Extracted room covering network forensics and KeePass credential recovery.

TryHackMe 'LoFi' Walkthrough - Easy

A walkthrough of the TryHackMe lab 'LoFi'. This lab is a penetration test that includes Local File Inclusion and Path Traversal.