About this course

In this course, you will experience and explore a realistic cyber attack scenario. You will utilize the Empire Command and Control (C2) framework to carry out an attack on a Windows target VM. Following this, you will transition from the role of attacker to defender, conducting initial event analysis with Splunk, remote analysis and data collection with Velociraptor, and forensic analysis of registry keys and decoding obfuscated payloads. This course offers a true “purple team” approach, where you can learn from both the perspective of a red team operator and a blue team investigator.

Requirements

  • This course builds on a lab setup, which is documented in our free Build Your Lab series.
    • It requires at least one Windows VM and a Kali Linux VM.
  • Additionally, you will need a host VM with the following tools installed.
    • Splunk
    • Velociraptor
    • Forensic tools
Lab Architecture

Instructions on how to set up the lab environment are provided in the course.

Enroll now for free to get started with this course!

Support & FAQs

Reach out to us and join our Discord community for general conversation topics and networking.

Certificate of Completion

Once you finish the course you will receive your Certificate of Completion!  

Average Review Score:
★★★★★

Course Content

Lab and Scenario Overview
Empire C2 Attack
Incident Triage and Analysis
Forensic Artifact Analysis
Summary and Next Steps