Ransomware Attack Simulation and Investigation for Blue Teamers with Markus Schober
Overview
- Course Length: 16 hours
- Support from expert instructors
- Includes a certificate of completion
- 12 months access to Cyber Range
As a cyber security defender and investigator, understanding ransomware attacks is crucial foreffective response.
In this workshop, participants will learn how attackers operate, set up a C2 infrastructure with Empire, and execute a simulated attack, step-by-step, from initial access all the way throughout post-exploitation phases, each student in their own Active Directory enabled lab environment.
Following, we will perform a full investigation of the scenario at hand, covering log and endpoint analysis at scale as well as data collection and digital forensics concepts. For this, the tools we are going to use are Splunk, Velociraptor and several industry-established digital forensic utilities.
Upon completion of the training, participants will have a better understanding of the steps ransomware threat actors take to achieve their objectives, as well as the best practices for detecting and ultimately preventing ransomware attacks.
Day 1 (Offense):
- Ransomware Attacks Overview
- Attack Techniques and Fundamentals
- Ransomware Attack Simulation with Empire C2
Day 2 (Defense):
- DFIR Investigation Methodology
- Ransomware Scenario Investigation
Wild West Hackin’ Fest at Mile High (Feb 4th – Feb 5th, 2025) – Denver, CO
- February 4th – 8:30 AM to 5:00 PM MDT
- February 5th – 8:30 AM to 5:00 PM MDT
Who Should Take This Course
This training is designed for entry and intermediate-level cyber security professionals seeking hands-on experience in understanding the execution of end-to-end Ransomware attacks and learning best practices for investigating and responding to such incidents.
Student Requirements
- RDP access
- Online Lab Provided
Online Lab Setup
- Live response lab: Kali Linux, Windows Hosts, Splunk, Velociraptor
- Forensic tools
- Triage data collections and memory images
This class is being taught at Wild West Hackin’ Fest at Mile High 2025.
For more information about our conferences, visit Wild West Hackin’ Fest!
Clicking on the button above will take you
to our registration page on the website.