Threat hunting in SIEM: Detect living-off-the-land + credential dumping🧑‍🍳

Name: Threat hunting in SIEM: Detect living-off-the-land + credential dumping🧑🍳
Start: 2025-10-02T20:00:00+03:00
End: 2025-10-02T22:00:00+03:00

Hosted by Robert I. and 2 others

Meet the group

Hack The Box Meetups for Universities: KCA Uni, CS Club

No reviews yet

Details

Join us for a hands-on threat hunting session where you'll learn to detect sophisticated attacks that abuse legitimate system tools and steal credentials!
What You'll Learn:

Identify living-off-the-land techniques (PowerShell, WMI, certutil abuse)
Spot credential dumping attacks (LSASS dumps, registry extraction)
Master Sysmon log analysis (ETW->EVTX->CSV/JSON workflow)
Build effective detection queries in Splunk

Hands-On Lab:

Analyze real attack scenarios using provided Sysmon datasets
Work with enterprise SIEM platforms (Splunk or ELK stack)
Create hunting queries and detection rules
Practice correlating events across multiple log sources

Who Should Attend: SOC analysts, threat hunters, incident responders, security engineers, cybersecurity enthusiasts, and beginners looking to level up their detection skills.

Cybersecurity

Education & Technology

New Technology

Hacking

Software Development

Threat hunting in SIEM: Detect living-off-the-land + credential dumping🧑‍🍳

Hack The Box Meetups for Universities: KCA Uni, CS Club

Details

Members are also interested in