https://bluecapesecurity.com/courses/free-emotet-maldoc-analysis/lessons/emotet-maldoc-analysis/2022-12-30T09:52:10-08:00https://bluecapesecurity.com/lessons/blue-team-master-program-introduction/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/module-1-windows-enterprise-environments/2023-09-05T17:20:49-07:00https://bluecapesecurity.com/lessons/module-2-windows-authentication/2023-09-06T15:15:19-07:00https://bluecapesecurity.com/lessons/module-3-windows-internals/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/module-4-digital-forensics/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/module-5-malware-analysis/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/module-6-enterprise-incident-response/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/module-10-cti-threat-hunting/2023-05-15T15:17:16-07:00https://bluecapesecurity.com/lessons/module-7-ransomware-attack-scenario/2023-05-15T15:15:23-07:00https://bluecapesecurity.com/lessons/module-9-advanced-persistent-threat-scenario/2022-12-29T10:28:26-08:00https://bluecapesecurity.com/lessons/program-overview/2023-03-07T23:08:32-08:00https://bluecapesecurity.com/lessons/1-windows-enterprise-environments/2023-01-18T12:18:24-08:00https://bluecapesecurity.com/lessons/2-windows-authentication-attacks/2023-02-10T11:04:49-08:00https://bluecapesecurity.com/lessons/lab-overview/2023-02-08T12:04:34-08:00https://bluecapesecurity.com/lessons/3-windows-internals/2023-02-21T22:14:38-08:00https://bluecapesecurity.com/lessons/4-digital-forensics/2023-03-07T23:11:28-08:00https://bluecapesecurity.com/lessons/6-ransomware-attack-scenario/2023-04-04T15:55:07-07:00https://bluecapesecurity.com/lessons/8-apts-threat-intel-and-threat-hunting/2023-04-26T09:04:46-07:00https://bluecapesecurity.com/lessons/9-cloud-incident-response/2023-05-03T12:33:05-07:00https://bluecapesecurity.com/lessons/10-incident-response-management/2023-05-03T12:34:05-07:00https://bluecapesecurity.com/lessons/module-8-ransomware-response-investigation/2023-05-15T15:16:57-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/welcome-to-practical-windows-forensics/2023-06-14T15:34:30-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/2-lab-overview/2023-06-14T11:04:11-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/3-data-collection-process/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/4-examination-of-the-forensic-data/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-disk-analysis-introduction/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-1-windows-registry-analysis/2023-06-13T21:27:00-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-2-user-behavior-analysis/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-4-analysis-of-the-master-file-table-mft/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-5-finding-evidence-of-deleted-files-with-usn-journal-analysis/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-6-analyzing-evidence-of-program-execution/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-7-finding-evidence-of-persistence-mechanisms/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-8-uncover-malicious-activity-with-windows-event-log-analysis/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/6-windows-memory-analysis/2023-06-14T15:54:42-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/7-kitchen-sink-analysis-with-super-timelines/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/8-reporting/2023-06-12T12:09:29-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/9-final/2023-06-12T12:09:28-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/5-3-overview-of-disk-structures-partitions-and-file-systems/2023-06-12T12:09:28-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/2-1-setting-up-your-forensic-workstation/2023-06-14T11:16:10-07:00https://bluecapesecurity.com/courses/practical-windows-forensics/lessons/2-2-prepare-your-target-system/2023-06-14T11:16:48-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-introduction-and-overview/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-resources/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-course-roadmap/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-lab-setup-overview/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-forensic-workstation-installation/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-target-system-setup/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-the-forensic-procss/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-containment-and-preservation-of-evidence-using-virtualbox/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-memory-acquisition-with-virtualbox/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-disk-acquisition-with-virtualbox/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-user-accounts-analysis/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-bonus-amcache-in-depth-analysis-and-why-scheduled-tasks-matter/2023-06-14T20:42:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-memory-analysis-with-volatility3-overview/2023-06-19T14:57:42-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-detecting-suspicious-windows-processes-with-volatility3/2023-06-19T14:57:50-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-dumping-and-analyzing-processes-from-the-memory-with-volatility3/2023-06-19T14:57:58-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-pwf-previews/lessons/practical-windows-forensics-pwf-digital-forensics-reporting-and-presentation-of-findings/2023-06-19T14:58:06-07:00https://bluecapesecurity.com/lessons/course-demo-lesson-a/2023-08-02T12:53:06-07:00https://bluecapesecurity.com/lessons/course-demo-lesson-b/2023-06-14T20:55:16-07:00https://bluecapesecurity.com/lessons/welcome-to-practical-windows-forensics-2/2023-07-10T05:45:36-07:00https://bluecapesecurity.com/lessons/2-lab-overview-2/2023-07-10T05:45:36-07:00https://bluecapesecurity.com/lessons/2-1-setting-up-your-forensic-workstation-2/2023-07-10T05:45:36-07:00https://bluecapesecurity.com/lessons/2-2-prepare-your-target-system-2/2023-07-10T05:45:37-07:00https://bluecapesecurity.com/lessons/3-data-collection-process-2/2023-07-10T05:45:37-07:00https://bluecapesecurity.com/lessons/4-examination-of-the-forensic-data-2/2023-07-10T05:45:37-07:00https://bluecapesecurity.com/lessons/5-disk-analysis-introduction-2/2023-07-10T05:45:37-07:00https://bluecapesecurity.com/lessons/5-1-windows-registry-analysis-2/2023-07-10T05:45:38-07:00https://bluecapesecurity.com/lessons/5-2-user-behavior-analysis-2/2023-07-10T05:45:38-07:00https://bluecapesecurity.com/lessons/5-3-overview-of-disk-structures-partitions-and-file-systems-2/2023-07-10T05:45:38-07:00https://bluecapesecurity.com/lessons/5-4-analysis-of-the-master-file-table-mft-2/2023-07-10T05:45:38-07:00https://bluecapesecurity.com/lessons/5-5-finding-evidence-of-deleted-files-with-usn-journal-analysis-2/2023-07-10T05:45:39-07:00https://bluecapesecurity.com/lessons/5-6-analyzing-evidence-of-program-execution-2/2023-07-10T05:45:39-07:00https://bluecapesecurity.com/lessons/5-7-finding-evidence-of-persistence-mechanisms-2/2023-07-10T05:45:40-07:00https://bluecapesecurity.com/lessons/5-8-uncover-malicious-activity-with-windows-event-log-analysis-2/2023-07-10T05:45:40-07:00https://bluecapesecurity.com/lessons/6-windows-memory-analysis-2/2023-07-10T05:45:40-07:00https://bluecapesecurity.com/lessons/7-kitchen-sink-analysis-with-super-timelines-2/2023-07-10T05:45:41-07:00https://bluecapesecurity.com/lessons/8-reporting-2/2023-07-10T05:45:41-07:00https://bluecapesecurity.com/lessons/9-final-2/2023-07-10T05:45:42-07:00https://bluecapesecurity.com/lessons/velociraptor-installation/2023-09-05T15:28:59-07:00https://bluecapesecurity.com/lessons/splunk-installation/2023-09-06T09:45:16-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/welcome-to-practical-windows-forensics-3/2023-09-17T21:25:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/2-online-lab-instructions/2023-11-16T09:00:35-08:00https://bluecapesecurity.com/lessons/2-1-setting-up-your-forensic-workstation-3/2023-09-17T21:25:07-07:00https://bluecapesecurity.com/lessons/2-2-prepare-your-target-system-3/2023-09-17T21:25:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/3-data-collection-process-3/2023-09-17T21:25:07-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/4-examination-of-the-forensic-data-3/2023-09-17T21:25:08-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-disk-analysis-introduction-3/2023-09-17T21:25:08-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-1-windows-registry-analysis-3/2023-09-17T21:25:08-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-2-user-behavior-analysis-3/2023-09-17T21:25:08-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-3-overview-of-disk-structures-partitions-and-file-systems-3/2023-09-17T21:25:09-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-4-analysis-of-the-master-file-table-mft-3/2023-09-17T21:25:09-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-5-finding-evidence-of-deleted-files-with-usn-journal-analysis-3/2023-09-17T21:25:09-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-6-analyzing-evidence-of-program-execution-3/2023-09-17T21:25:09-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-7-finding-evidence-of-persistence-mechanisms-3/2023-09-17T21:25:10-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/5-8-uncover-malicious-activity-with-windows-event-log-analysis-3/2023-09-17T21:25:10-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/6-windows-memory-analysis-3/2023-09-17T21:25:11-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/7-kitchen-sink-analysis-with-super-timelines-3/2023-09-17T21:25:11-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/8-reporting-3/2023-09-17T21:25:12-07:00https://bluecapesecurity.com/courses/practical-windows-forensics-labs/lessons/9-final-3/2023-09-17T21:25:12-07:00https://bluecapesecurity.com/lessons/inv001-online-lab-instructions/2024-03-20T05:27:54-07:00https://bluecapesecurity.com/lessons/inv001-ransomware-scenario-introduction/2024-03-20T05:27:16-07:00https://bluecapesecurity.com/lessons/inv001-scenario-questions/2023-09-29T11:21:35-07:00https://bluecapesecurity.com/lessons/inv001-scenario-solution/2023-09-29T11:21:23-07:00https://bluecapesecurity.com/courses/splunk-botsv3/lessons/online-lab-instructions-2/2023-09-20T09:37:27-07:00https://bluecapesecurity.com/courses/splunk-botsv3/lessons/challenge-questions-hints-and-answers/2023-09-19T10:36:27-07:00https://bluecapesecurity.com/lessons/inv001-scenario-analysis-methodology/2023-09-29T11:21:16-07:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/1-1-enterprise-domain-environments/2024-02-01T22:18:30-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/1-2-logging-telemetry-visibility/2024-02-02T14:13:20-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/1-2-1-windows-event-logs/2023-11-25T11:33:41-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/1-2-2-powershell-event-logging-and-tuning/2023-11-25T11:40:09-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/1-2-3-sysmon-event-logging-and-detection/2023-11-25T11:34:58-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/discovery-execution-and-file-transfer-with-lolbins/2023-11-29T22:35:00-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/domain-reconnaissance/2023-12-06T10:37:00-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/credential-dumping/2024-01-22T15:10:44-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/sessions-and-tokens/2023-12-20T19:35:54-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/lateral-movement-techniques/2023-12-21T20:26:04-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/persistence-mechanisms/2023-12-29T09:19:06-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/execution-and-defense-evasion/2024-02-15T14:25:51-08:00https://bluecapesecurity.com/lessons/lesson/2024-01-04T11:32:25-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/initial-access-techniques/2024-02-01T16:53:32-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/network-telemetry-and-security/2024-02-22T23:03:47-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/static-malware-analysis/2024-03-04T10:59:13-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/course-introduction/2024-02-02T14:10:17-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/cyber-threat-landscape/2024-02-02T14:11:08-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/data-staging-and-exfiltration-techniques/2024-02-02T14:17:18-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/windows-endpoint-compromise-overview/2024-01-28T21:29:26-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/privilege-escalation-techniques/2024-01-28T22:22:58-08:00https://bluecapesecurity.com/lessons/lesson-2/2024-02-22T23:00:40-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/windows-network-security/2024-02-22T23:04:32-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/c2-beacon-analysis/2024-02-22T23:10:10-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/powershell-payload-analysis/2024-03-03T23:48:55-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/dynamic-malware-analysis/2024-03-04T00:42:43-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/congratulations-and-next-steps/2024-03-04T11:33:05-08:00https://bluecapesecurity.com/courses/101-enterprise-security-fundamentals/lessons/offline-lab-setup/2024-03-31T08:12:20-07:00https://bluecapesecurity.com/courses/c2-attack-and-defend/lessons/lab-and-scenario-overview/2024-04-03T10:17:23-07:00https://bluecapesecurity.com/courses/c2-attack-and-defend/lessons/empire-c2-attack/2026-02-16T10:52:56-08:00https://bluecapesecurity.com/courses/c2-attack-and-defend/lessons/incident-triage-and-analysis/2024-04-02T14:27:20-07:00https://bluecapesecurity.com/courses/c2-attack-and-defend/lessons/forensic-artifact-analysis/2024-04-02T14:27:30-07:00https://bluecapesecurity.com/courses/c2-attack-and-defend/lessons/summary-and-next-steps/2024-04-03T12:18:48-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/session-1-understanding-the-threat-landscape-and-dfir-fundamentals/2024-10-31T09:54:23-07:00https://bluecapesecurity.com/lessons/session-three-essential-dfir-tools-and-techniques-for-effective-analysis/2024-08-07T20:13:06-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/session-2-cyber-threats-and-important-forensic-concepts/2024-10-31T09:47:54-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/session-3-essential-tools-and-applications-for-dfir-environments/2024-10-31T09:54:10-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/session-1-security-operations-in-enterprise-environments/2024-12-28T14:12:36-08:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/session-2-incident-response-and-data-collection-techniques/2024-12-28T14:13:42-08:00https://bluecapesecurity.com/lessons/session-three-applied-forensic-analysis-october-3/2024-09-12T08:59:05-07:00https://bluecapesecurity.com/lessons/pre-case-scenario/2024-09-12T09:13:44-07:00https://bluecapesecurity.com/lessons/submit-your-suspicious-file-answer-here/2024-10-03T14:44:44-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/introduction-start-here-2/2024-12-28T14:33:25-08:00https://bluecapesecurity.com/lessons/lesson-3/2024-09-12T08:24:30-07:00https://bluecapesecurity.com/lessons/workshop-schedule-and-calendar/2024-09-12T08:47:30-07:00https://bluecapesecurity.com/lessons/lesson-4/2024-09-12T08:25:29-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/join-the-discord-community/2024-12-28T14:09:43-08:00https://bluecapesecurity.com/lessons/watch-now-essential-dfir-skills-and-techniques/2024-10-30T13:25:16-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/case-introduction-dfir-investigation-suspicious-file-download-incident/2024-09-19T15:38:17-07:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/workshop-introduction/2024-11-22T12:38:24-08:00https://bluecapesecurity.com/lessons/workshop-schedule-and-calendar-2/2024-11-18T09:38:51-08:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/join-the-discord-community-2/2024-11-22T12:33:02-08:00https://bluecapesecurity.com/lessons/jumpstart-your-dfir-journey-essential-dfir-skills-and-techniques-3-part-webinar-series/2024-10-02T17:52:08-07:00https://bluecapesecurity.com/lessons/pre-case-scenario-2/2024-10-02T08:50:53-07:00https://bluecapesecurity.com/lessons/submit-your-suspicious-file-answer-here-2/2024-10-02T08:50:53-07:00https://bluecapesecurity.com/lessons/case-introduction-dfir-investigation-suspicious-file-download-incident-2/2024-10-02T08:50:53-07:00https://bluecapesecurity.com/lessons/session-one-security-operations-in-enterprise-environments-september-19-2/2024-10-02T08:50:53-07:00https://bluecapesecurity.com/lessons/session-two-incident-response-and-data-collection-techniques-2/2024-10-02T08:50:54-07:00https://bluecapesecurity.com/lessons/lesson-5/2024-10-02T17:45:30-07:00https://bluecapesecurity.com/lessons/elevate-your-dfir-skills-deeper-insights-and-practical-insights-3-part-workshop-series/2024-10-02T17:54:16-07:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/syllabus-301-enterprise-dfir/2025-04-19T20:19:05-07:00https://bluecapesecurity.com/lessons/lesson-6/2024-10-02T18:42:06-07:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/lab-environment/2025-04-19T20:21:57-07:00https://bluecapesecurity.com/lessons/lesson-7/2024-10-02T18:42:27-07:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/day-1-session-replay/2024-11-22T12:31:10-08:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/session-3-applied-forensic-analysis/2024-12-28T14:14:49-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/case-ransomware-scenario/2024-11-25T15:48:28-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/remote-analysis-with-velociraptor/2024-12-20T08:53:04-08:00https://bluecapesecurity.com/lessons/disk-analysis-client1/2024-11-08T11:24:52-08:00https://bluecapesecurity.com/lessons/memory-analysis-client1/2024-11-08T15:32:49-08:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/introduction-start-here/2024-10-31T09:43:34-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/join-discord-community/2024-10-31T08:54:23-07:00https://bluecapesecurity.com/lessons/resources-for-practical-forensics-dfir/2024-10-31T08:11:55-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/build-your-forensic-workstation/2024-10-31T09:07:31-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/practical-windows-forensics-cheat-sheet/2024-10-31T09:07:32-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/practical-windows-forensics/2024-10-31T09:15:04-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/further-learning-101-enterprise-security-fundamentals/2024-11-01T09:05:43-07:00https://bluecapesecurity.com/courses/jumpstart-your-dfir-journey-webinar-series__trashed/lessons/advance-to-stage-2-elevate-your-dfir-skills/2024-11-01T09:42:09-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/practical-windows-forensics-cheat-sheet-2/2024-12-28T14:30:08-08:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/build-your-forensic-workstation-2/2024-11-01T08:41:13-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/digital-forensic-analysis-diy-tutorial/2024-11-01T08:38:17-07:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/further-learning-201-enterprise-security-foundations/2024-12-28T14:24:21-08:00https://bluecapesecurity.com/courses/elevate-your-dfir-skills-workshop-series__trashed/lessons/advance-to-stage-3-master-advanced-dfir/2024-12-28T14:28:28-08:00https://bluecapesecurity.com/lessons/data-collection-disk-and-memory-analysis/2024-11-25T09:42:50-08:00https://bluecapesecurity.com/lessons/disk-analysis-dc1/2024-11-08T11:24:38-08:00https://bluecapesecurity.com/lessons/pe-file-analysis/2024-11-08T14:38:39-08:00https://bluecapesecurity.com/lessons/malicious-powershell-script-analysis/2024-11-08T14:40:13-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/malware-collection-and-analysis-introduction/2025-01-20T21:14:10-08:00https://bluecapesecurity.com/lessons/analysis-with-timesketch/2024-11-08T15:21:16-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/timeline-creation-and-analysis-techniques/2025-01-24T10:16:28-08:00https://bluecapesecurity.com/courses/master-enterprise-dfir__trashed/lessons/workshop-exercise-instructions/2025-04-19T20:19:20-07:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/welcome-and-course-overview/2025-01-30T16:19:54-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/investigation-timeline/2024-12-01T22:59:25-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/reporting-findings/2025-01-29T15:35:32-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/attack-scenario-reveal/2025-01-28T15:49:39-08:00https://bluecapesecurity.com/lessons/lessons-learned/2024-11-25T09:06:13-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/course-conclusion-and-next-steps/2025-01-30T11:09:10-08:00https://bluecapesecurity.com/lessons/welcome-and-course-overview-2/2024-11-25T11:20:23-08:00https://bluecapesecurity.com/lessons/online-lab-vm-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/case-ransomware-scenario-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/investigation-timeline-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/network-packet-and-zeek-log-analysis-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/event-log-analysis-with-splunk-and-sigma-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/remote-analysis-with-velociraptor-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/data-collection-disk-and-memory-analysis-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/malware-analysis-and-detection-with-yara-rules-2/2024-11-25T11:20:24-08:00https://bluecapesecurity.com/lessons/timeline-creation-and-analysis-with-timesketch-and-hayabusa-2/2024-11-25T11:20:25-08:00https://bluecapesecurity.com/lessons/reporting-2/2024-11-25T11:20:25-08:00https://bluecapesecurity.com/lessons/attack-scenario-reveal-2/2024-11-25T11:20:25-08:00https://bluecapesecurity.com/lessons/course-conclusion-and-next-steps-2/2024-11-25T11:20:25-08:00https://bluecapesecurity.com/lessons/submit-student-course-access/2025-01-02T09:36:37-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/pcap-analysis-with-wireshark/2024-12-02T08:35:26-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/zeek-logs-analysis/2024-12-02T08:35:30-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/pcap-and-zeek-introduction/2024-12-02T08:47:01-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/network-traffic-analysis-findings/2024-12-02T08:48:55-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/threat-landscape-ransomware-attacks/2025-01-16T13:21:21-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/incident-analysis-core-techniques-and-approaches/2025-01-16T13:21:14-08:00https://bluecapesecurity.com/lessons/terms-of-use-and-license-agreement/2024-12-06T10:32:50-08:00https://bluecapesecurity.com/courses/301-case-files-terms-access__trashed/lessons/case-file-downloads/2025-01-10T17:51:54-08:00https://bluecapesecurity.com/courses/301-case-files-terms-access__trashed/lessons/terms-of-use-and-license-agreement-2/2024-12-06T15:41:27-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/event-log-analysis-with-splunk/2024-12-13T08:28:15-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/sigma-detection-rules/2024-12-13T08:28:19-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/log-analysis-conclusion/2024-12-13T08:28:21-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/log-analysis-introduction/2024-12-13T08:30:51-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/forensic-analysis/2025-01-03T05:16:43-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/data-collection/2025-01-03T05:16:56-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/disk-analysis-dc1-2/2025-01-03T05:17:09-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/disk-analysis-client1-2/2025-01-09T16:42:56-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/memory-analysis-client1-2/2025-01-13T20:39:22-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/incident-management-documenting-findings-and-creating-timelines/2025-01-16T14:45:19-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/timeline-template-and-notes-taking/2025-01-16T15:11:20-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/powershell-scripts-analysis/2025-01-20T20:49:45-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/pe-files-analysis/2025-01-20T20:50:15-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/malware-detection-with-yara-rules/2025-01-20T20:50:36-08:00https://bluecapesecurity.com/lessons/timeline-analysis-with-timesketch/2025-01-27T12:41:29-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/investigation-introduction-and-objectives/2025-01-27T21:19:52-08:00https://bluecapesecurity.com/lessons/preparation-splunk-timeline-investigation/2025-01-27T20:41:24-08:00https://bluecapesecurity.com/lessons/preparation-timesketch-timeline-investigation/2025-01-27T20:41:45-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/execution-timeline-analysis-guide/2025-01-28T11:36:22-08:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/preparation-timesketch-timeline-analysis/2025-04-19T16:10:09-07:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/preparation-splunk-timeline-analysis/2025-01-27T22:27:20-08:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/welcome-and-overview/2025-05-06T19:59:05-07:00https://bluecapesecurity.com/lessons/join-discord-community-2/2025-02-27T15:11:31-08:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/understanding-the-threat-landscape/2025-03-16T16:26:11-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/cyber-threats-and-important-forensic-concepts/2025-03-16T16:26:59-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/essential-tools-and-applications-for-dfir-environments/2025-03-16T16:27:32-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/preparation-case-files-and-lab-options/2025-03-17T18:48:10-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/security-operations-in-enterprise-environments/2025-03-17T20:52:17-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/incident-response-and-data-collection-techniques/2025-03-17T20:51:49-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/applied-forensic-analysis/2025-03-17T20:51:07-07:00https://bluecapesecurity.com/lessons/practical-windows-forensics-cheat-sheet-3/2025-03-03T16:06:20-08:00https://bluecapesecurity.com/lessons/prepare-your-forensic-workstation/2025-03-12T13:51:39-07:00https://bluecapesecurity.com/lessons/digital-forensic-analysis-diy-tutorial-2/2025-03-03T16:05:49-08:00https://bluecapesecurity.com/lessons/further-learning-practical-windows-forensics/2025-02-27T09:35:07-08:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/logistics-labs-and-assessment/2025-03-17T20:43:39-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/instructions/2025-03-14T14:27:05-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/scenario-reveal/2025-03-13T10:35:51-07:00https://bluecapesecurity.com/lessons/knowledge-assessment/2025-03-14T14:14:58-07:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/course-finish-and-next-steps/2025-12-19T14:38:52-08:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/online-lab-vm-for200/2025-07-18T10:11:32-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/for001-disgruntled-managers-exodus/2025-07-10T14:27:16-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/for002-suspicious-network-connection/2025-05-06T10:11:34-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/for003-unauthorized-access/2025-05-06T10:12:47-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/for004-suspicious-logons/2025-05-06T10:13:11-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/investigation-resources/2025-05-16T13:41:05-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/overview-of-terra-nova-technology/2025-05-06T14:46:13-07:00https://bluecapesecurity.com/courses/200for-beta-feedback__trashed/lessons/feedback-support/2025-05-01T10:37:35-07:00https://bluecapesecurity.com/lessons/beta-testing-agreement/2025-05-02T11:44:17-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/investigation-reporting-and-notes-taking-for200/2025-05-06T14:38:11-07:00https://bluecapesecurity.com/courses/for004/lessons/investigation-scenario-disclaimer/2025-04-18T12:43:54-07:00https://bluecapesecurity.com/courses/301-enterprise-dfir/lessons/301-online-lab-vm/2025-08-26T14:50:12-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/forensic-tools-applications-for200/2025-10-16T16:49:06-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/scenario-disclaimer/2025-07-18T13:07:57-07:00https://bluecapesecurity.com/lessons/lesson-9/2025-05-01T08:32:23-07:00https://bluecapesecurity.com/lessons/lesson-8/2025-05-01T09:05:33-07:00https://bluecapesecurity.com/courses/200for-beta-feedback__trashed/lessons/200for-feedback/2025-05-01T09:05:45-07:00https://bluecapesecurity.com/lessons/lesson-10/2025-05-01T09:06:12-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/welcome-and-overview-for200/2025-05-16T13:40:19-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/conclusion-next-steps/2025-05-12T16:30:50-07:00https://bluecapesecurity.com/lessons/for001-solution-summary-report/2025-05-10T15:34:48-07:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/welcome-and-overview-2/2025-11-11T10:29:55-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/online-lab-vm/2025-11-11T14:55:05-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/ir001/2025-11-11T08:38:56-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/ir002/2025-11-11T21:31:56-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/ir003/2025-11-21T09:38:43-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/conclusion-next-steps-2/2025-07-10T13:26:22-07:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/disclaimer/2025-07-10T13:16:29-07:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/environment-overview/2025-11-11T10:33:21-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/dfir-tools-applications/2025-11-12T11:39:21-08:00https://bluecapesecurity.com/courses/300-ir-investigations/lessons/reporting-and-notes-taking/2025-11-11T09:16:43-08:00https://bluecapesecurity.com/lessons/pwfa-domains/2025-07-18T14:13:12-07:00https://bluecapesecurity.com/lessons/access-timing/2025-07-18T14:13:05-07:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/grading-retake-policy/2025-08-15T12:50:20-07:00https://bluecapesecurity.com/lessons/forensic-tools-online-vm-environment/2025-07-18T11:32:41-07:00https://bluecapesecurity.com/lessons/lesson-12/2025-07-15T17:36:59-07:00https://bluecapesecurity.com/courses/for200-scenario-walkthrough-replays__trashed/lessons/for001-disgruntled-managers-exodus-2/2025-07-15T17:46:28-07:00https://bluecapesecurity.com/lessons/lesson-13/2025-07-15T17:51:34-07:00https://bluecapesecurity.com/courses/for200-scenario-walkthrough-replays__trashed/lessons/for002-suspicious-network-connection-2/2025-07-15T17:52:27-07:00https://bluecapesecurity.com/courses/for200-scenario-walkthrough-replays__trashed/lessons/for003-unauthorized-access-2/2025-07-15T17:53:32-07:00https://bluecapesecurity.com/courses/for200-scenario-walkthrough-replays__trashed/lessons/for004-suspicious-logons-2/2025-07-15T17:54:01-07:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/starting-the-pwfa-certification-exam/2025-12-19T15:58:55-08:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/academic-integrity-agreement/2025-07-18T13:08:22-07:00https://bluecapesecurity.com/lessons/exam-attempts-retake-policy/2025-07-18T14:06:42-07:00https://bluecapesecurity.com/lessons/during-the-exam/2025-07-18T13:59:03-07:00https://bluecapesecurity.com/lessons/submission-process/2025-07-18T13:31:51-07:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/pwfa-exam-readiness-and-overview/2025-12-19T16:07:14-08:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/credential-delivery/2025-10-16T17:07:53-07:00https://bluecapesecurity.com/lessons/questions-support/2025-07-18T13:42:12-07:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/continue-your-dfir-journey/2025-12-19T16:17:29-08:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/online-lab-vm-3/2025-08-27T09:36:41-07:00https://bluecapesecurity.com/lessons/incident-timeline-reporting-templates/2025-07-18T10:14:52-07:00https://bluecapesecurity.com/lessons/lesson-11/2025-07-25T13:22:25-07:00https://bluecapesecurity.com/lessons/lesson-14/2025-07-25T13:25:25-07:00https://bluecapesecurity.com/courses/analyst-1-practical-windows-forensic-analyst/lessons/exam-logistics-technical-requirements/2025-12-19T15:58:53-08:00https://bluecapesecurity.com/courses/pwfa-exam-prep-bootcamp-details__trashed/lessons/lesson-15/2025-07-27T16:49:47-07:00https://bluecapesecurity.com/courses/200-for-investigations/lessons/scenario-walkthrough-videos/2025-08-26T15:34:15-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/case-introduction/2025-08-07T15:26:01-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/timeline-submission/2025-08-07T17:04:58-07:00https://bluecapesecurity.com/lessons/disclaimer-2/2025-07-30T13:52:33-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/exam-logistics/2025-10-16T16:48:42-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/next-steps-and-feedback/2025-10-16T17:11:07-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/support/2025-08-03T23:08:44-07:00https://bluecapesecurity.com/lessons/test-exam-button/2025-08-05T15:23:24-07:00https://bluecapesecurity.com/lessons/objectives-submission/2025-08-07T16:17:52-07:00https://bluecapesecurity.com/courses/pwfa-exam-scenario-1/lessons/exam-grading/2025-08-15T12:52:13-07:00https://bluecapesecurity.com/lessons/lesson-16/2025-11-11T14:05:41-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/welcome-to-the-hero-bundle-training-track/2025-11-11T14:59:54-08:00https://bluecapesecurity.com/lessons/lesson-17/2025-11-11T14:06:12-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/101-enterprise-security-fundamentals-course/2025-11-11T14:30:48-08:00https://bluecapesecurity.com/lessons/lesson-18/2025-11-11T14:06:53-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/201-practical-windows-forensics-course/2025-11-11T14:20:44-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/301-advanced-dfir-course/2025-11-11T14:35:48-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/for200-investigation-scenarios/2025-11-11T14:20:33-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/ir300-investigation-scenarios/2025-11-11T14:49:31-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/analyst-i-pwfa-exam-readiness/2025-11-11T14:21:08-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/pwfa-live-bootcamp-optional-2/2025-11-11T14:22:10-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/exam-overview-and-requirements-2/2025-11-11T14:22:48-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/starting-the-pwfa-certification-exam-2/2025-11-19T14:21:22-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/grading-retake-policy-2/2025-11-11T14:23:54-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/academic-integrity-agreement-2/2025-11-11T14:24:08-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/credential-delivery-2/2025-11-11T14:25:54-08:00https://bluecapesecurity.com/courses/hero-bundle__trashed/lessons/alumni-benefits/2025-11-11T15:12:28-08:00https://bluecapesecurity.com/courses//lessons/welcome-to-the-analyst-ii-advanced-dfir-training-track/2025-11-14T12:23:16-08:00https://bluecapesecurity.com/courses//lessons/learn-301-dfir-course/2025-11-14T12:24:56-08:00https://bluecapesecurity.com/courses//lessons/practice-ir300-investigation-scenarios/2025-11-14T12:25:15-08:00https://bluecapesecurity.com/courses//lessons/ready-for-the-next-level/2025-11-14T12:25:43-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/course-introduction-2/2025-12-31T09:09:09-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/module-2-hayabusa-detect-security-event-log-clearing-with-sigma/2025-12-29T19:25:23-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/module-3-splunk-detect-psexec-service-execution-with-sigma/2025-12-29T19:37:53-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/module-4-splunk-detect-lsass-credential-dumping-with-sigma/2025-12-29T19:54:03-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/module-5-splunk-detect-brute-force-password-spray-attacks-with-sigma-correlation/2026-01-02T06:15:05-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/module-1-introduction-to-sigma-rules/2026-01-05T11:36:09-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/resources-sigma-cheat-sheet/2025-12-29T20:31:02-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/conclusion-and-next-steps/2025-12-29T20:32:38-08:00https://bluecapesecurity.com/courses/detection-engineering-with-sigma/lessons/online-lab-vm-4/2026-01-06T09:22:51-08:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/scenario-introduction/2026-01-06T12:24:54-08:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/background-information/2026-01-02T15:04:26-08:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/evidence-and-tools/2026-01-06T09:30:58-08:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-1-initial-detection/2026-03-27T10:14:47-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-2-payload-analysis/2026-03-27T10:14:10-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-3-timeline-reconstruction/2026-03-27T10:16:03-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-4-post-exploitation-hunting/2026-03-27T10:17:29-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-5-correlation-with-host-data/2026-03-27T10:37:31-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/module-6-ioc-extraction/2026-03-27T10:46:19-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/case-summary/2026-03-27T10:55:53-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/answer-key-react2shell-lab/2026-03-27T10:55:01-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/react2shell-resources/2026-03-27T11:09:09-07:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/online-lab-vm-5/2026-01-22T09:08:55-08:00https://bluecapesecurity.com/courses/react2shell-server-compromise-investigation/lessons/scenario-conclusion/2026-01-06T10:26:56-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/online-lab-vm-6/2026-01-08T14:48:41-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-0-platform-orientation-dataset-familiarization/2026-01-08T14:41:38-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-1-aws-iam-activity-cloud-misconfiguration/2026-01-08T14:40:51-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-2-aws-credential-leakage-cloud-abuse/2026-01-08T14:41:57-08:00https://bluecapesecurity.com/lessons/lesson-20/2026-01-08T14:33:37-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-3-cloud-infrastructure-baseline-automation/2026-01-08T14:42:29-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-4-cryptocurrency-mining-incident/2026-01-08T14:42:58-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-5-dns-network-scanning-external-recon/2026-01-08T14:43:26-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-6-phishing-malware-delivery-email-abuse/2026-01-08T14:44:27-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-7-windows-endpoint-compromise-identity-abuse/2026-01-08T14:44:57-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-8-linux-server-compromise-privilege-escalation/2026-01-08T14:45:28-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-9-c2-defacement-adversary-artifacts/2026-01-08T14:45:58-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-10-soc-analytics-telemetry-advanced-spl/2026-01-08T14:46:29-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/lesson-11-osint-contextual-attribution-optional-bonus/2026-01-08T14:46:58-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/what-is-splunk-bots-v3/2026-01-08T15:10:22-08:00https://bluecapesecurity.com/courses/splunk-bots-v3/lessons/recap-and-conclusion/2026-01-08T15:29:07-08:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-online-labs/lessons/lesson-19/2026-01-18T09:48:18-08:00https://bluecapesecurity.com/lessons/lesson-21/2026-01-19T13:06:32-08:00https://bluecapesecurity.com/lessons/detection-engineering-with-sigma/2026-01-19T13:06:40-08:00https://bluecapesecurity.com/lessons/malware-detection-with-yara/2026-01-19T13:06:47-08:00https://bluecapesecurity.com/lessons/react2shell-server-compromise-investigation/2026-01-19T13:06:56-08:00https://bluecapesecurity.com/lessons/splunk-bots-v3/2026-01-19T13:07:04-08:00https://bluecapesecurity.com/lessons/adversary-c2-operations/2026-01-19T13:07:11-08:00https://bluecapesecurity.com/lessons/microsoft-365-bec-investigation/2026-01-19T13:07:19-08:00https://bluecapesecurity.com/lessons/foundations-of-cyber-threat-intelligence/2026-01-19T13:07:37-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/introduction-to-yara/2026-01-19T14:43:34-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/module-2-detecting-china-chopper-webshell-with-yara/2026-01-19T15:35:06-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/module-3-yara-in-incident-response-detecting-ransomware-infected-hosts/2026-01-19T15:35:52-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/module-4-detecting-xmrig-miner-with-yara/2026-01-19T17:03:09-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/module-5-hunting-cobalt-strike-beacon-in-memory-using-yara/2026-01-19T15:37:45-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/resources-yara-cheat-sheet/2026-01-19T15:26:38-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/conclusion-and-next-steps-2/2026-01-19T15:22:55-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/module-1-anatomy-of-yara-rules/2026-01-19T17:02:57-08:00https://bluecapesecurity.com/courses/malware-detection-with-yara/lessons/online-lab-vm-7/2026-01-19T17:33:41-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/course-introduction-3/2026-01-23T20:01:45-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-1-introduction-to-the-ual/2026-01-23T20:01:55-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/case-introduction-2/2026-01-23T19:59:46-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-2-extracting-the-ual/2026-01-23T20:15:25-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-3-unified-audit-log-fields/2026-01-23T20:06:56-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-4-exchange-operations/2026-01-23T20:14:19-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-5-azure-active-directory/2026-01-23T20:14:07-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/module-6-eradication-and-recovery/2026-01-23T20:16:19-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/conclusion-and-next-steps-3/2026-01-23T16:36:44-08:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/online-lab-vm-8/2026-01-23T19:54:00-08:00https://bluecapesecurity.com/lessons/lesson-23/2026-01-23T16:09:13-08:00https://bluecapesecurity.com/courses/dfir-foundations-techniques-readiness/lessons/what-best-describes-you-right-now/2026-02-20T13:30:46-08:00https://bluecapesecurity.com/courses/test__trashed/lessons/test/2026-02-25T12:17:16-08:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/course-overview/2026-03-17T15:17:18-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/module-1-introduction-to-cyber-threat-intelligence/2026-03-17T15:19:41-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/module-2-intelligence-levels-and-cti-use-cases/2026-03-17T15:22:03-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/module-3-the-intelligence-lifecycle/2026-03-17T15:23:09-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/module-4-cyber-threat-intelligence-frameworks/2026-03-17T15:37:19-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/task-cyber-threat-intelligence-reporting-exercise/2026-03-17T15:55:46-07:00https://bluecapesecurity.com/courses/foundations-of-cyber-threat-intelligence/lessons/course-conclusion/2026-03-17T15:15:05-07:00https://bluecapesecurity.com/courses/microsoft-365-bec-investigation/lessons/resources-bec-investigation-cheat-sheet/2026-03-24T10:11:55-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/course-overview-2/2026-04-07T14:24:47-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/module-1-configuring-geoip-in-sof-elk/2026-04-01T13:34:04-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/module-2-exracting-the-ual-for-sof-elk-analysis/2026-04-01T13:37:37-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/module-3-accessing-microsoft-365-logs-in-kibana/2026-04-01T13:39:52-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/module-4-investigating-suspicious-activity-in-microsoft-365-logs/2026-04-01T15:55:22-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/conclusion/2026-04-01T13:46:09-07:00https://bluecapesecurity.com/courses/bec-investigation-with-sof-elk/lessons/module-5-visualizing-suspicious-account-activity-on-a-map/2026-04-01T15:58:53-07:00