Learn how to perform memory forensics with Volatility! THM Room https://tryhackme.com/room/bpvolatility TASK 1 : Intro Install Volatility onto your workstation of choice or use the provided virtu...
Part of the Blue Primer series. This room is based on version 2 of the Boss of the SOC (BOTS) competition by Splunk. THM Room https://tryhackme.com/room/splunk2gcd5 TASK 1 : Deploy! Deployed the ...
Learn the basics of Splunk. THM Room https://tryhackme.com/room/splunk101 TASK 1 : Introduction to Splunk Virtual machine deployed. No Answer TASK 2 : Navigating Splunk I’m ready to look at Splu...
Let’s cover the basics of Osquery. THM Room https://tryhackme.com/room/osqueryf8 TASK 1 : Introduction Ready to learn Osquery! No Answer TASK 2 : Installation Attached VM was started. Ready to p...
Learn how to utilize Sysmon to monitor and log your endpoints and environments. THM Room https://tryhackme.com/room/sysmon TASK 1 : Introduction Complete the prerequisites listed above and jump i...
Introduction to Windows Event Logs and the tools to query them. THM Room https://tryhackme.com/room/windowseventlogs TASK 1 : What are event logs? Let’s begin… No Answer TASK 2 : Event Viewer Fo...
Learn to use the Sysinternals tools to analyze Windows systems or applications. THM Room https://tryhackme.com/room/btsysinternalssg TASK 1 : Introduction When did Microsoft acquire the Sysintern...
Use the knowledge attained to analyze a malicious email. THM Room https://tryhackme.com/room/phishingemails5fgjlzxc TASK 1 : Just another day as a SOC Analyst.. For questions 1-4 and 9, we can ge...
Learn how to defend against phishing emails. THM Room https://tryhackme.com/room/phishingemails4gkxh TASK 1 : Introduction What is the MITRE ID for Software Configuration? Answer : M1054 TASK 2 ...
Learn the tools used to aid an analyst to investigate suspicious emails. THM Room https://tryhackme.com/room/phishingemails3tryoe TASK 1 : Introduction Read the above. No Answer TASK 2 : What in...