Hands-on, downloadable cybersecurity labs for Blue Team defenders. Filter by difficulty or topic area.
Learn to triage alerts in a simulated SOC environment. Analyze Splunk dashboards, correlate events, and identify true vs false positives using realistic PCAP and log data.
Detect and respond to an RDP brute force attack using Windows Event Logs and Splunk. Identify attacker patterns, build detection rules, and simulate initial containment steps.
Analyze obfuscated PowerShell scripts and memory artifacts. Understand living-off-the-land techniques, decode malicious payloads, and build detection logic.