SOC Level 1 Capstone Challenges

Investigate critical incidents and apply all the skills needed to be an effective SOC analyst while handling various artefacts.

In this module, you will handle real-world incidents composed of different Tactics, Techniques, and Procedures (TTPs), starting from initial access to data exfiltration. You will learn how to handle different artefacts, including memory dumps, email samples, packet captures, and event logs. Additionally, you will learn how to navigate different data sources ingested in an SIEM and correlate the significant findings to complete the investigation.

Tempest

You are tasked to conduct an investigation from a workstation affected by a full attack chain.

Boogeyman 1

A new threat actor emerges from the wild using the name Boogeyman. Are you afraid of the Boogeyman?

Boogeyman 2

The Boogeyman is back. Are you still afraid of the Boogeyman?

Boogeyman 3

The Boogeyman emerges from the darkness again.

Upload and Conquer

An old, forgotten upload page on an e-commerce website becomes every hacker's dream when it pops up ...

Hidden Hooks

After years of meticulous development, TryHatMe Studios is on the cusp of releasing its highly antic...

BlackCat

BlackCat claims to have breached your company and posted proof on their leak site. As the SOC analys...

Need to know

Digital Forensics and Incident Response

Understand what forensic artifacts are present in the Windows and Linux Operating Systems, how to collect them, and leverage them to investigate security incidents.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).