HackPath
BBoooottccaammppNEWCCoouurrsseessRRooaaddmmaappPPrraaccttiicceePPrriicciinngg
>_
HACKPATH

COURSE.EXE

Blue Team Ops — Detect, Block, Respond

0%
MONITORING & DETECTION
01Read and analyze system logs
40m
02Detect an Nmap Scan in Firewall Logs
35m
03fail2ban — Automatically Banning Attackers
45m
04Harden a Server with UFW and iptables
50m
IDS/IPS WITH SURICATA
05Introduction to IDS/IPS — Understanding Network Detection
40m
06Installing and Configuring Suricata
50m
07Write Your Own Suricata Detection Rules
50m
CENTRALIZED LOGGING WITH ELK
08Introduction to SIEM — Why Centralize Logs
35m
09Set Up the ELK Stack
60m
10Create Security Alerts and Dashboards in Kibana
50m
FORENSICS & INCIDENT RESPONSE
11Forensic Analysis of a Compromised System
55m
12Recover Deleted Data with Autopsy and Foremost
50m
13Write a Professional Incident Report
45m
Lesson 11·11 / 13·55 min

Forensic Analysis of a Compromised System

Learn how to analyze a Linux system after a compromise — reconstruct the timeline, identify abnormal processes and connections, detect traces on disk, and uncover typical persistence mechanisms.

Locked lesson

This lesson is reserved for members. Upgrade to unlock the full course.

Unlock Premium Access →

200+ lessons • Challenges • Flashcards • $9/month

12 lessons locked in this course · 800+ students enrolled

$99/year — save 31% vs monthly

Unlock full access →