CyberDefenders™ is a training platform for #SOC analysts to learn, validate & advance #BlueTeam / #DFIR skills.
Join community @ https://cyberdefenders.org/discord
🔥 Look at those stunning #CertifiedCyberDefender silver and gold coins🏅, a special recognition for our #CCD graduates! Show off your #CyberDefense expertise with this one-of-a-kind keepsake.
Are you up for the challenge? Tackle the CCD certification exam, join the elite, and
Calling #cyberdefenders! We are celebrating 55000 LinkedIn followers with a giveaway worth $16,000🎉!
As a token of appreciation, we want to give back to the #blueteam community by giving away 21 #CertifiedCyberDefender vouchers, 7 for each - Discord, Twitter, and LinkedIn.
New challenge released | "GitTheGate" is an introductory #ELK challenge to get you started with #Kibana.
Challenge:
Author: @0ldmate_
We are currently preparing another advanced ELK case investigation scenario. Stay tuned!
#DFIR #BlueTeam #SIEM #InfoSec
New Challenge Released | 'MalDoc101' is the 1st malicious document analysis exercise to release, a vital skill considering most attacks start with a malicious link or email attachment.
Challenge:
Author: @jstrosch
#DFIR #CyberSecurity #BlueTeam #InfoSec
New challenge released | 'Intel101' is an open-source intelligence #OSINT exercise to practice mining and analyzing data to produce meaningful intel when investigating external threats.
Challenge:
Author: @champdfa
#DFIR #BlueTeam #InfoSec #CyberSecurity
Here is the first macOS forensics challenge to release - Spotlight.
A nice opportunity to evaluate your skills against an OS usually encountered in today's investigations.
Challenge:
Author: @champdfa
#DFIR #BlueTeam #InfoSec #CyberSecurity #SOC
A new challenge has been released, including a set of @zeekurity specific questions.
Zeek (formerly Bro) is an open-source network security monitoring tool & critical component of defender's arsenal.
Try it @
#DFIR #BlueTeam #InfoSec #CyberSecurity
New Challenge: Malware Traffic Analysis 5
Category: Email Analysis
As a SOC analyst, you are tasked with analyzing a couple of emails & a pcap to understand how the system was compromised.
Author: @malware_traffic
#DFIR #InfoSec #CyberSecurity #BlueTeam
If you're looking to practice your #malware #analysis skills, I have several exercises available: 🎓
These include challenge tasks and detailed walk-throughs. You'll also find them as CTF challenges at @CyberDefenders 👉
We are happy to announce the release of a newer version of DetectionLabELK. This version includes the #Kibana #SIEM app with 145 out-of-the-box rules created by the @elastic team. Try it out
New Challenge | CyberCorp
You have been informed that your company's infrastructure is likely to be compromised by a known threat group.
Analyze collected artifacts & complete the investigation.
#DFIR #InfoSec #BlueTeam #CyberSecurity
Author: @bizone_en
New CTF-> #DetectLOG4J
#Log4shell has gained much attention for the wide range of products that depend on the #log4j library. We created a #CTF to test your ability to detect, analyze & mitigate log4shell.
Register & get your team ready 👉
#DFIR #BlueTeam
To enter the giveaway on Twitter:
1. Make sure you are following us on Twitter.
2. Like and Retweet this post with #blueteam #ccd.
To enter the giveaway on Discord:
1. Join our discord server at
2. React to the post in the announcements channel.
Here is our second live #BlueTeam CTF -> '$tealer'.
Your #SOC L1 colleague escalated the case for you to investigate. As an experienced L2 SOC analyst, analyze the #malware sample & extract #C2 server and #IOCs.
Hurry up, #CTF starts in two days!👉🏻
#DFIR
🆕New Lab: Sigma101
As a Detection Engineer, your objective is to decode the logs, comprehend the activities, and refine our Sigma rules.
🎬 ProxyLogon walkthrough is now available.
❗ Retired Lab: MITRE-1595.
🔗
#DFIR #SOC #infosec #cybersecurity
New Challenge -> Pwned-DC (Active Directory Case).
Adversaries were able to take over the corporate domain controller. Investigate the case and reveal the Who, When, What, Where, Why, and How.
#DFIR #BlueTeam #InfoSec #CyberSecurity
Hooray! We've opened challenge submissions to the public, and we are excited to start accepting new challenges from the community.
Use the below form if you have a challenge you want to build or publish, regardless if you are an individual or a company.
📢 Defenders, we have a new live #CTF for you!
An ActiveDirectory compromise case: adversaries hacked the corporate domain controller. Investigate the case and reveal the Who, When, What, Where, Why, & How.
Register👉
#DFIR #InfoSec #BlueTeam #CyberSecurity
🆕 New Challenge | Injector 🆕
A company’s web server has been breached. The team arrived just in time to take a forensic image of the running system and its memory for further analysis.
Challenge:
Author: @binaryz0ne
#DFIR #InfoSec #BlueTeam #FTKImager
Would the community be interested in a Telecom security/mobile operator's case challenge?
Our friend @sigploit, a security researcher at Ericsson and the author of is currently preparing one.
Thoughts/suggestions?
#BlueTeam #InfoSec #CyberSecurity #DFIR
New Challenge | 'CyberCorp 2'
As a #ThreatHunter, you were called to validate the hypothesis about an intruder's attempt to maintain persistence. Analyze the #EDR telemetry in the #ThreatHunting platform & figure out attack details.
#DFIR
Author: @bizone_en
We pushed a new change for member's profile section, and now you can add your Github/Linkedin/Twitter accounts and brief about yourself.
Use this link to directly edit your profile & connect with other defenders:
#DFIR #BlueTeam #Community #InfoSec
New training -> "In-Depth Digital Investigation & Threat Hunting". A live hands-on #ThreatHunting training starting April 25, 2022.
You will learn how real #APT attacks work, how to analyze digital artifacts & automate this process across the enterprise.
Our first course is '#MalwareAnalysis & Digital Investigations', authored by @Amr_Thabet, a former researcher at #Symantec & #Defcon speaker.
He analyzed multiple state-sponsored attacks and was featured in Christian Science Monitor for his work on #Stuxnet.
1/2
🆕 New Lab: Kerberoasted
🕓 Friday at 4 PM UTC
📘 Threat Hunting
🔍 As a threat hunter, your investigation begins with analyzing Active Directory logs to detect any recent upsurge in Kerberoasting attacks.
🔗
#DFIR #SOC #infosec #cybersecurity
A sneak peek of a bunch of new #CCD labs we have just released: [[Threat Hunting]] - endpoint and network.
Using Elastic to hunt for attack artifacts from endpoints and network perspectives.
1- Hunting for C2.
2- Hunting for malicious traffic initiated from endpoints.
1/2
#DFIR
We receive frequent requests from our users to recommend credible educational resources to improve their #Blueteam skills. As such, we are excited to announce the addition of a new section to the platform to host free & paid high-quality courses.
More at
Glad that we reached the following numbers in a few months just by word of mouth:
- 3500 registered users.
- 3000 Twitter followers.
- 7000 Linkedin followers.
We are genuinely thankful for the continuous support we receive from the great community of fellow blueteamers.
#DFIR