This repository includes Red Team Operations, Blue Team Operations, and Network Forensics. All operations were conducted within Azure Labs. The Windows machine's hypervisor allowed the following network topology.
The red team operations included network enumeration to identify the target machine, followed by a series of tactics used to exploit the target machine and gain root access to it.
The blue team operations included configuring Elasticsearch, Logstash, and Kibana (ELK Stack) Watcher logs, a description of the network topology, the alerts configured to monitor the targets, and suggested patches for the network.
The network forensics operations included detailed inspection of captured network traffic to identify malicious file downloads.