Free IOC and YARA Scanner
TryHackMe Training Room for THOR Lite
Since THOR and THOR Lite are tools written for digital forensic experts, they can be difficult to use. There is often a steep learning curve in the beginning.
We’d like to help new users pass these first steps in a playful way by providing a TryHackMe challenge in which you analyse a compromised system using THOR Lite.
You’ll learn how to download and run it, interpret the results, write your own signatures and include your own IOCs for a custom threat.
The room is meant for first time THOR or THOR Lite users.
Target Audience: DFIR professionals, administrators, security analysts
Duration: ~3 hours (without the download of the VM)
You’ll work with a prepared virtual machine that you’re required to download during the training.
- VMWare or VirtualBox
- 13 GB download and 23 GB of disk space