Learn how to perform memory forensics with Volatility! THM Room https://tryhackme.com/room/bpvolatility TASK 1 : Intro Install Volatility onto your workstation of choice or use the provided virtu...

Part of the Blue Primer series. This room is based on version 2 of the Boss of the SOC (BOTS) competition by Splunk. THM Room https://tryhackme.com/room/splunk2gcd5 TASK 1 : Deploy! Deployed the ...

Learn the basics of Splunk. THM Room https://tryhackme.com/room/splunk101 TASK 1 : Introduction to Splunk Virtual machine deployed. No Answer TASK 2 : Navigating Splunk I’m ready to look at Splu...

Let’s cover the basics of Osquery. THM Room https://tryhackme.com/room/osqueryf8 TASK 1 : Introduction Ready to learn Osquery! No Answer TASK 2 : Installation Attached VM was started. Ready to p...

Learn how to utilize Sysmon to monitor and log your endpoints and environments. THM Room https://tryhackme.com/room/sysmon TASK 1 : Introduction Complete the prerequisites listed above and jump i...

Introduction to Windows Event Logs and the tools to query them. THM Room https://tryhackme.com/room/windowseventlogs TASK 1 : What are event logs? Let’s begin… No Answer TASK 2 : Event Viewer Fo...

Learn to use the Sysinternals tools to analyze Windows systems or applications. THM Room https://tryhackme.com/room/btsysinternalssg TASK 1 : Introduction When did Microsoft acquire the Sysintern...

Use the knowledge attained to analyze a malicious email. THM Room https://tryhackme.com/room/phishingemails5fgjlzxc TASK 1 : Just another day as a SOC Analyst.. For questions 1-4 and 9, we can ge...

Learn how to defend against phishing emails. THM Room https://tryhackme.com/room/phishingemails4gkxh TASK 1 : Introduction What is the MITRE ID for Software Configuration? Answer : M1054 TASK 2 ...

Learn the tools used to aid an analyst to investigate suspicious emails. THM Room https://tryhackme.com/room/phishingemails3tryoe TASK 1 : Introduction Read the above. No Answer TASK 2 : What in...