Hack The Box Blue Teaming

Get familiar with industry-standard tools and methodologies to identify, understand, and detect malware threats.

Audit your AD environment for misconfigurations (and attacks) that can lead to severe consequences when exploited by malicious actors.

Learn how to detect NTDS dumping attacks in issue five of a special series on critical Active Directory (AD) attack detections & misconfigurations.

How to get good at these fundamental SOC tools and their related skills.

Learn how to detect NTLM relay attacks in part four of a special series on critical Active Directory (AD) attack detections & misconfigurations.

Learn how to detect LLMNR poisoning attacks in part three of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations

Learn how to detect AS-REP roasting attacks in part two of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations.

Learn how to detect Kerberoast attacks in part one of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations.

Incident response plans lay the foundations for a defensive team’s actions in the face of an incident, making them essential for speedy and effective response.

Windows event logs are the gateway to understanding suspicious activity, making these event log analysis tools essential for beginner blue teamers.