Introduction to Threat Hunting & Hunting With Elastic
![](https://evanmost.tech/wp-content/uploads/2024/03/ITHHWE.png)
Project URL: https://academy.hackthebox.com/module/details/214
Project Description:
I recently dedicated some time to furthering my cybersecurity knowledge by completing a challenging Hack The Box module on Threat Hunting. This module is a part of the SOC analyst path in Hack The Box, leading to the HTB Certified Defensive Security Analyst exam. My goal is to take the exam after completing all the modules.
Overview
This module lays the groundwork for understanding Threat Hunting, starting with its basic definition and the structure of a threat hunting team. It also dives into the threat hunting process, highlighting its relationships with risk assessment and incident handling. Furthermore, the module covers the basics of Cyber Threat Intelligence (CTI), including different types of threat intelligence and how to interpret a threat intelligence report. The practical segment of the module demonstrates how to conduct threat hunting using the Elastic stack, using real-world logs for hands-on experience.
Key Learning Objectives
- Understanding the fundamentals of Threat Hunting, including its definition and the structure of a threat hunting team.
- Insights into the threat hunting process and its relationship with risk assessment and incident handling.
- Basics of Cyber Threat Intelligence (CTI) and different types of threat intelligence.
- Skills to interpret a threat intelligence report.
- Practical experience in performing threat hunting using the Elastic stack.
Hands-On Practice
The module includes sections with hands-on exercises to practice the techniques covered. It ends with a practical skills assessment to gauge understanding. Learners can reproduce the detection examples in the interactive sections or on their own virtual machines.
Module Details
- Classification: Medium
- Prerequisites: Basic knowledge of Windows operations and common attack principles
- Duration: Self-paced, start and stop anytime
- Assessment: Completion of all exercises and the skills assessment is required to mark the module as complete