Processes and Methodologies

In this module, the focus will be on understanding various processes, exploring different hunting methodologies, and examining a range of hypotheses. Additionally, you will gain insights into the Diamond Model, delve into the MITRE ATT&CK framework, and learn about both Indicators of Compromise (IOC) and Indicators of Attack (IOA), among other key topics!

Advanced Pivoting

This module is tailored to enhance your proficiency in pivoting techniques as a Threat Intelligence Analyst. It aims to provide you with comprehensive skills for moving between various nodes, which is crucial in revealing and understanding the infrastructures employed by malicious actors.

Hunting APTs

In this module, we will explore the methods used by Nation-State Actors in deploying their infrastructure and the strategies for tracking them down. Our focus will include a detailed examination of Advanced Persistent Threats (APTs) originating from countries like Russia, China, North Korea, and Iran. You will gain insights into the unique tactics and techniques employed by these entities, enhancing your ability to identify and counter their operations.

Hunting Ransomware Groups

In this module, we will delve into the operational tactics of ransomware and criminal groups, including LockBit, ShadowSyndicate, FIN7, Cl0p, and others. You'll gain a comprehensive understanding of their functioning and learn effective strategies to track and counteract their activities.

Hunting Criminal Activities

This module is designed to comprehensively educate you on the intricacies of various malware infrastructures, including Pikabot, Redline, Raccoon, Truebot, and more, providing you with in-depth knowledge of how such infrastructure is built and operated.

Hunting Post Exploitation Tools

In this module, we will delve into the methods of tracking and identifying elusive command and control (C2) systems such as Cobalt Strike, Metasploit, Mythic, Havoc, Sliver, BRC4, NightHawk, and various lesser-known frameworks, as well as supporting infrastructure such as redirectors. The focus will be on understanding how Threat Actors adapt and modify their infrastructure to avoid detection, providing you with the skills to uncover these advanced threats.

Automation, API & Scripting

In this section, you will explore how to leverage APIs and scripts to streamline your research process, enhancing efficiency and saving valuable time.