1. Follow the workshops related to hacking & blue team

Task: Follow workshops related to blue teaming (T, 0.5 day, Must)

Execution

The first workshop about blue teaming was more of an inspiration session. The basics were also discussed, such as the basic kill chain, along with a concept new to me known as the pyramid of pain.

PowerPoint slides: Pyramid of Pain

First workshop

https://i.imgur.com/aU5UFwT.png
https://i.imgur.com/vTUVADJ.png

Second workshop

PowerPoint slides: Threat detection & NSM

  • Demonstration with Zeek
  • Basic overview of a sensor
  • Someone in the seclab P2P torrenting (S3 student)
  • Security Onion has all the needed tools

https://i.imgur.com/1LE1R73.png

© Copyright 2021, OKapisiz.

Built with Sphinx using a theme provided by Read the Docs.