Basics

(the four items below can be studied in parallel)

  1. Windows Fundamentals

    HTB Windows Fundamentals module

  2. PowerShell & CMD Basics

    Introduction to Windows Command Line

  3. AD Basics YouTube Playlist – covers the AD administration basics we need (videos from the MCSA Windows Server course).

  4. HTB Introduction to Active Directory

Offensive Part

Defensive Part

The Blue Team component stands or falls on detection engineering and operational readiness. That means building a working SOC home lab from industry-standard tooling (a SIEM such as Splunk or the ELK stack, Wazuh for endpoint monitoring and alerting, TheHive for case management), then instrumenting the target machines properly: deploy Sysmon with a tuned configuration, decide which Windows Security and Sysmon Event IDs you actually need (for example 4624/4625 logons, 4768/4769 Kerberos ticket requests, 4720/4728 account and group changes, Sysmon 1 process creation, 3 network connections and 10 process access), and set up reliable log forwarding so the SIEM sees every host. The core analytical skill is the SIEM query language (SPL for Splunk, KQL or Lucene for ELK): translating the tactics used in the offensive simulations into high-fidelity detection rules, complemented by YARA rules that fire on the tooling and artifacts dropped during those simulations.
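As an added example (not part of the original roadmap), the following Python turns one adversarial tactic from the offensive half, Kerberoasting, into a detection over Windows Security Event ID 4769 records. The sample records and their field names (TargetUserName, ServiceName, TicketEncryptionType, Status, IpAddress, TimeCreated) are constructed and are an assumption about how a forwarder such as Winlogbeat or the Splunk universal forwarder presents the event; the SPL string is the same logic written for Splunk with the field names the Splunk Windows add-on normally extracts, and should be checked against your own index before use.

```python
"""Kerberoasting detection over Windows Security Event ID 4769 records.

Added example for the AD lab roadmap. Sample data is constructed; the record
keys are an assumption about the forwarder's field naming, adapt them to your
own pipeline.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# TicketEncryptionType 0x17 is RC4-HMAC, what default Kerberoasting tooling
# requests because RC4 tickets crack far faster than AES ones.
RC4_HMAC = "0x17"

# Equivalent Splunk search (field names as extracted by the Splunk Windows
# add-on; assumption, verify against your own data):
SPL_EQUIVALENT = r"""
index=wineventlog EventCode=4769 Ticket_Encryption_Type=0x17 Status=0x0
    NOT Service_Name=krbtgt NOT Service_Name="*$"
| bucket _time span=5m
| stats dc(Service_Name) AS svc_count values(Service_Name) AS services
        BY _time Account_Name Client_Address
| where svc_count >= 3
"""


def is_suspicious_tgs(event: dict) -> bool:
    """Single-event filter: successful RC4 service-ticket request for a user SPN."""
    if event.get("EventID") != 4769 or event.get("Status") != "0x0":
        return False
    if str(event.get("TicketEncryptionType", "")).lower() != RC4_HMAC:
        return False
    service = event.get("ServiceName", "")
    # krbtgt tickets are TGT renewals and a '$' suffix is a machine account;
    # neither has a crackable user password behind it.
    return service.lower() != "krbtgt" and not service.endswith("$")


def kerberoast_alerts(events, window=timedelta(minutes=5), min_services=3):
    """Raise one alert per account that requested RC4 tickets for at least
    min_services distinct SPNs inside any sliding time window.

    The distinct-SPN threshold is what makes the rule high-fidelity: a single
    RC4 TGS-REQ is still routine for legacy service accounts without AES keys,
    but one account sweeping every SPN in the domain within minutes is not.
    """
    by_user = defaultdict(list)
    for e in events:
        if is_suspicious_tgs(e):
            by_user[e["TargetUserName"]].append(e)
    alerts = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["TimeCreated"])
        start = 0
        for end, last in enumerate(evs):
            while last["TimeCreated"] - evs[start]["TimeCreated"] > window:
                start += 1
            distinct = {e["ServiceName"] for e in evs[start:end + 1]}
            if len(distinct) >= min_services:
                alerts.append({
                    "user": user,
                    "source_ip": last["IpAddress"],
                    "services": sorted({e["ServiceName"] for e in evs}),
                    "first_seen": evs[start]["TimeCreated"].isoformat(),
                })
                break  # one alert per account; dedup/escalation belongs to the SIEM
    return alerts


T0 = datetime(2024, 5, 1, 9, 0, 0)  # constructed lab timestamp


def _ev(seconds, user, service, enc, ip):
    """Build a constructed 4769 record (TimeCreated already parsed to datetime)."""
    return {"EventID": 4769, "TimeCreated": T0 + timedelta(seconds=seconds),
            "TargetUserName": user, "ServiceName": service,
            "TicketEncryptionType": enc, "Status": "0x0", "IpAddress": ip}


# Constructed sample: normal traffic plus one account roasting four SPNs.
SAMPLE_EVENTS = [
    _ev(0, "alice", "WS01$", "0x12", "192.168.56.20"),     # AES ticket for a machine: normal
    _ev(30, "bob", "sqlsvc", "0x17", "192.168.56.21"),      # one RC4 ticket: legacy SPN, below threshold
    _ev(50, "jdoe", "krbtgt", "0x17", "192.168.56.50"),     # TGT renewal: excluded by filter
    _ev(60, "jdoe", "sqlsvc", "0x17", "192.168.56.50"),     # attacker sweeps every SPN...
    _ev(75, "jdoe", "http_svc", "0x17", "192.168.56.50"),
    _ev(90, "jdoe", "mssql_svc", "0x17", "192.168.56.50"),
    _ev(110, "jdoe", "backup_svc", "0x17", "192.168.56.50"),
]

if __name__ == "__main__":
    for alert in kerberoast_alerts(SAMPLE_EVENTS):
        print(alert)
```

Two caveats a practitioner should carry into the lab: tooling can request AES tickets for accounts that support them, so the RC4 filter trades coverage for noise reduction and an AES-only variant (0x12 with the same SPN-count threshold) is worth running alongside it; and 4769 is only produced on the domain controllers, so the forwarding you set up must include every DC or the rule is blind.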

Sample Project

GOAD (Game of Active Directory), a prebuilt vulnerable AD lab to run the offensive and defensive parts against: https://github.com/Orange-Cyberdefense/GOAD