Advanced

Log4j Vulnerability Lab: Video Walkthrough

log4j · vulnerability · video · walkthrough · briefings · networking · systems · security · ldap · server · setting · shell · detections · exploitation · malicious · network · payload · p...

This walkthrough reproduces, step by step, a hands-on lab that emulates the Log4Shell (Log4j) vulnerability from both the defender's and the attacker's perspective. It starts with configuring network detection tooling, moves into standing up attacker infrastructure and firing two exploitation techniques (a proof-of-concept file write and a full reverse shell), and finishes by walking through the resulting detections and packet captures to understand exactly how the exploit behaves on the wire.

Because the operator controls both sides of this lab, the same activity you'd normally only see from a defender's viewpoint (Suricata alerts, packet captures) can be directly correlated with the exact attacker actions that produced it.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

7 sections
  1. 1 Table of Contents
  2. 2 Module 1: Lab Overview and Objectives
  3. 3 Module 2: Setting Up Network Detections
  4. 4 Module 3: Setting Up the Malicious LDAP Server and Proof-of-Concept Exploit
  5. 5 Module 4: Upgrading to a Reverse Shell
  6. 6 Module 5: Analyzing Detections and Network Traffic
  7. 7 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.