Module 18: Final Mission — The Full Incident
One scenario. Every skill. Prove you're battle-ready.
Tools:WazuhSuricata + EveBoxMISP + ATT&CK NavigatorVelociraptorTheHive + CortexShuffle
1
Lessons
1
Hands-on Labs
Operation Shadow Broker Thread
You'll investigate the full Operation Shadow Broker — from phishing to exfiltration — using every tool and every skill.
Lessons & Labs
Mission Briefing
Multi-phase attack scenario overview — phishing to exfiltration. Tools, deliverables, grading criteria.
Lab 18.1 — The Full Incident
Capstone: phishing → C2 → lateral movement → exfiltration → persistence. Full stack lab. Deliver: timeline, IOCs, ATT&CK map, containment plan, incident report.