Tài nguyên

MyDFIR

• BOTS (boss of the SOC)
• Trang web MITRE Engenuity (APT29 Evaluations)

Homelab

https://www.netwrix.com/pass_the_hash_attack_explained.html

https://redcanary.com/threat-detection-report/techniques/lsass-memory/

https://redcanary.com/threat-detection-report/threats/mimikatz/

https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware/

https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/

https://blogs.vmware.com/security/2020/01/invoke-apt29-adversarial-threat-emulation.html

https://www.mitiga.io/blog/microsoft-breach-by-midnight-blizzard-apt29-what-happened-and-what-now

https://medium.com/@nakkouchtarek/from-zero-to-soc-homelab-my-journey-to-defense-in-depth-and-full-security-automation-cc07373b8b6d

https://www.youtube.com/watch?v=I61t7aoGC2Q&t=927s