# SOC Roadmap "Rooms and Challenges zero 2 hero"

THM

## **Pre Security**

**What is Networking?**

[TryHackMe | What is Networking?](https://tryhackme.com/room/whatisnetworking)

**Introductory Networking**

[TryHackMe | Introductory Networking](https://tryhackme.com/room/introtonetworking)

**Network Services**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/networkservices)

**Network Services 2**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/networkservices2)

**Intro to LAN**

[TryHackMe | Intro to LAN](https://tryhackme.com/room/introtolan)

**OSI Model**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/osimodelzi)

**Packets & Frames**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/packetsframes)

**Extending Your Network**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/extendingyournetwork)

**DNS in detail**

[TryHackMe | DNS in detail](https://tryhackme.com/room/dnsindetail)

**HTTP in detail**

[TryHackMe | HTTP in detail](https://tryhackme.com/room/httpindetail)

**How websites work**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/howwebsiteswork)

**Linux Fundamentals Part 1**

[TryHackMe | Linux Fundamentals Part 1](https://tryhackme.com/room/linuxfundamentalspart1)

**Linux Fundamentals Part 2**

[TryHackMe | Linux Fundamentals Part 2](https://tryhackme.com/room/linuxfundamentalspart2)

**Linux Fundamentals Part 3**

[TryHackMe | Linux Fundamentals Part 3](https://tryhackme.com/room/linuxfundamentalspart3)

**Windows Fundamentals 1**

[TryHackMe | Windows Fundamentals 1](https://tryhackme.com/room/windowsfundamentals1xbx)

**Windows Fundamentals 2**

[TryHackMe | Windows Fundamentals 2](https://tryhackme.com/room/windowsfundamentals2x0x)

**Windows Fundamentals 3**

[TryHackMe | Windows Fundamentals 3](https://tryhackme.com/room/windowsfundamentals3xzx)

**Active Directory Basics**

[TryHackMe | Active Directory Basics](https://tryhackme.com/room/winadbasics)

**Principles of Security**

{% embed url="<https://tryhackme.com/room/principlesofsecurity>" %}

## **SOC Theory & Practical**

**Intro to Defensive Security**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/defensivesecurity)

**Security Operations**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/securityoperations)

## Network Analysis

**Wireshark 101**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/wireshark)

**Wireshark: The Basics \[Walkthrough]**

{% embed url="<https://tryhackme.com/room/wiresharkthebasics>" %}

**Wireshark: Packet Operations \[Walkthrough]**

{% embed url="<https://tryhackme.com/room/wiresharkpacketoperations>" %}

**Wireshark: Traffic Analysis \[Walkthrough]**

{% embed url="<https://tryhackme.com/room/wiresharktrafficanalysis>" %}

**Carnage \[Challenge]**

{% embed url="<https://tryhackme.com/room/c2carnage>" %}

**Brim**

{% embed url="<https://tryhackme.com/room/brim>" %}

## Security Monitoring

**Core Windows Processes**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/btwindowsinternals)

**Sysinternals**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/btsysinternalssg)

**Windows Event Logs**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/windowseventlogs)

**Sysmon**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/sysmon)

**Osquery: The Basics**

{% embed url="<https://tryhackme.com/room/osqueryf8>" %}

**Wazuh**

{% embed url="<https://tryhackme.com/room/wazuhct>" %}

**Cyber Kill Chain**

{% embed url="<https://tryhackme.com/room/cyberkillchainzmt>" %}

**Pyramid Of Pain**

{% embed url="<https://tryhackme.com/room/pyramidofpainax>" %}

**Introduction to SIEM**

{% embed url="<https://tryhackme.com/room/introtosiem>" %}

**Splunk: Basics**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/splunk101)

**Incident handling with Splunk**

[TryHackMe | Cyber Security Training](https://tryhackme.com/room/splunk201)

**MITRE**

{% embed url="<https://tryhackme.com/room/mitre>" %}


**Splunk 2**

{% embed url="<https://tryhackme.com/room/splunk2gcd5>" %}

**What the Shell?**

{% embed url="<https://tryhackme.com/room/introtoshells>" %}

## Phishing Analysis

**Phishing Analysis Fundamentals**

{% embed url="<https://tryhackme.com/room/phishingemails1tryoe>" %}

**Phishing Emails in Action**

{% embed url="<https://tryhackme.com/room/phishingemails2rytmuv>" %}

**Phishing Analysis Tools**

{% embed url="<https://tryhackme.com/room/phishingemails3tryoe>" %}

**Phishing Prevention**

{% embed url="<https://tryhackme.com/room/phishingemails4gkxh>" %}

**The Greenholt Phish**

{% embed url="<https://tryhackme.com/room/phishingemails5fgjlzxc>" %}


## **Basic Forensics**

**Volatility**

{% embed url="<https://tryhackme.com/room/bpvolatility>" %}

**Windows Forensics 1**

{% embed url="<https://tryhackme.com/room/windowsforensics1>" %}

**Windows Forensics 2**

{% embed url="<https://tryhackme.com/room/windowsforensics2>" %}

**Linux Forensics**

{% embed url="<https://tryhackme.com/room/linuxforensics>" %}

**Redline**

{% embed url="<https://tryhackme.com/room/btredlinejoxr3d>" %}

**Autopsy**

{% embed url="<https://tryhackme.com/room/btautopsye0>" %}

**Disk Analysis & Autopsy**

{% embed url="<https://tryhackme.com/room/btautopsye0>" %}

## Threat and Vulnerability Management

**Nessus**

{% embed url="<https://tryhackme.com/room/rpnessusredux>" %}

**Yara**

{% embed url="<https://tryhackme.com/room/yara>" %}

**MISP**

{% embed url="<https://tryhackme.com/room/misp>" %}


## Basic MAL Analysis “optional” “Recommended”

**Intro to Malware Analysis**

{% embed url="<https://tryhackme.com/room/intromalwareanalysis>" %}

**MAL: Malware Introductory**

{% embed url="<https://tryhackme.com/room/malmalintroductory>" %}

**MAL: Strings**

{% embed url="<https://tryhackme.com/room/malstrings>" %}

**Basic Malware RE**

{% embed url="<https://tryhackme.com/room/basicmalwarere>" %}

**MAL: REMnux - The Redux**

{% embed url="<https://tryhackme.com/room/malremnuxv2>" %}

---

**CyberDefenders Challenges to improve your Skills**

**WireDive**

[CyberDefenders: WireDive blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/37)

**PacketMaze**

[CyberDefenders: PacketMaze blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/68)

**EscapeRoom**

[CyberDefenders: EscapeRoom blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/18)

**DeepDive**

[CyberDefenders: DeepDive blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/78)

**HawkEye**

[CyberDefenders: HawkEye blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/91)

**DumpMe**

[CyberDefenders: DumpMe blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/65)

**Malware Traffic Analysis 1**

[CyberDefenders: Malware Traffic Analysis 1 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/17)

**Malware Traffic Analysis 2**

[CyberDefenders: Malware Traffic Analysis 2 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/20)

**Malware Traffic Analysis 3**

[CyberDefenders: Malware Traffic Analysis 3 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/21)

**Malware Traffic Analysis 4**

[CyberDefenders: Malware Traffic Analysis 4 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/57)

**Malware Traffic Analysis 5**

[CyberDefenders: Malware Traffic Analysis 5 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/58)

**Malware Traffic Analysis 6**

[CyberDefenders: Malware Traffic Analysis 6 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/59)

**Seized**

[CyberDefenders: Seized blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/92)

**Pwned-DC**

[CyberDefenders: Pwned-DC blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/89)

**BankingTroubles**

[CyberDefenders: BankingTroubles blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/43)

**HoneyBOT**

[CyberDefenders: HoneyBOT blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/45)

**Hunter**

[CyberDefenders: Hunter blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/32)

**Ulysses**

[CyberDefenders: Ulysses blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/41)

**Injector**

[CyberDefenders: Injector blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/23)

**Insider**

[CyberDefenders: Insider blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/64)

**Hacked**

[CyberDefenders: Hacked blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/71)

**CyberCorp Case 1**

[CyberDefenders: CyberCorp Case 1 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/74)

**MrRobot**

[CyberDefenders: MrRobot blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/88)

**Hammered**

[CyberDefenders: Hammered blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/42)

---

**Elastic-Case**

[CyberDefenders: Elastic-Case blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/90)

**LTE Fallen Wall**

[CyberDefenders: LTE Fallen Wall blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/54)

**Boss Of The SOC v1**

[CyberDefenders: Boss Of The SOC v1 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/15)

**Boss Of The SOC v2**

[CyberDefenders: Boss Of The SOC v2 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/16)

**Qradar101**

[CyberDefenders: Qradar101 blueteam challenge.](https://cyberdefenders.org/blueteam-ctf-challenges/39)

