
Introduction

Welcome to BLUE TEAMS ACADEMY! In today's complex and rapidly evolving cybersecurity landscape, organizations must be prepared to respond effectively to security incidents. This free website will provide you with a thorough understanding of the processes, tools, and techniques involved in incident response, SOC operations, and threat hunting.

Modules

  • Module 1 - Incident Response and Security Operations Fundamentals
  • Module 2 - TOP 20 Open-source tools every Blue Teamer should have
  • Module 3 - How to deploy your Elastic Stack (ELK) SIEM
  • Module 4 - Getting started using Microsoft Azure Sentinel (Cloud-Native SIEM and SOAR)
  • Module 5 - Hands-on Wazuh Host-based Intrusion Detection System (HIDS) Deployment
  • Module 6 - Threat Intelligence Fundamentals
  • Module 7 - How to Install and use TheHive Project in Incident Management
  • Module 8 - Incident Response and Threat hunting with OSQuery and Kolide Fleet
  • Module 9 - How to use the MITRE PRE-ATT&CK framework to enhance your reconnaissance assessments
  • Module 10 - How to Perform Open Source Intelligence (OSINT) with SpiderFoot
  • Module 11 - How to perform OSINT with Shodan
  • Module 12 - Using MITRE ATT&CK to defend against Advanced Persistent Threats
  • Module 13 - Hands-on Malicious Traffic Analysis with Wireshark
  • Module 14 - Digital Forensics Fundamentals
  • Module 15 - How to Perform Static Malware Analysis with Radare2
  • Module 16 - How to use Yara rules to detect malware
  • Module 17 - Getting started with IDA Pro
  • Module 18 - Getting Started with Reverse Engineering using Ghidra
  • Module 19 - How to Perform Memory Analysis
  • Module 20 - Red Teaming Attack Simulation with "Atomic Red Team"
  • Module 21 - How to build a Machine Learning Intrusion Detection system
  • Module 22 - Azure Sentinel - Process Hollowing (T1055.012) Analysis
  • Module 23 - Azure Sentinel - Send Events with Filebeat and Logstash
  • Module 24 - Azure Sentinel - Using Custom Logs and DNSTwist to Monitor Malicious Similar Domains
  • Module 25 - Azure Security Center and Security Hygiene: Small Steps, Big Impact
  • Azure Sentinel - Code Samples and projects
  • Connecting CALDERA to Microsoft Sentinel - Playbook and Workbook
  • Atomic Red Team Microsoft Sentinel Workbook
  • SIGMA Rules Microsoft Sentinel Workbook

Code Snippets and Projects

  • Azure Sentinel Code snippets and Projects
  • Azure Sentinel Entity Hash VirusTotal Scanner
  • Azure Sentinel Report Generator
  • Azure Sentinel Entity Extractor
  • Azure Sentinel TheHive Playbook
  • Azure Sentinel Threat Hunting Queries
  • Sentinel2Attack

This training is maintained by: Chiheb Chebbi

If you want me to modify/correct something, please don't hesitate to contact me via: chiheb-chebbi [at] outlook.fr