Cyberdefenders - The Crime

The Crime
Info
Category: Endpoint Forensics
SHA1SUM: 3eb40fd0257dd3bf7d7513e1423e54c8fced4706
Published: Sept. 29, 2023, 4 p.m.
Author: Infern0o
Size: 330 MB
Tags: Android ALEAPP sqlitebrowser
Password: cyberdefenders.org
Scenario
We’re currently in the midst of a murder investigation, and we’ve obtained the victim’s phone as a key piece of evidence. After conducting interviews with witnesses and those in the victim’s inner circle, your objective is to meticulously analyze the information we’ve gathered and diligently trace the evidence to piece together the sequence of events leading up to the incident.

Cyberdefenders - Tomcat Takeover

Tomcat Takeover
Info
Category: Network Forensics
SHA1SUM: 56cc3f2aed9beb326eec027ae5dc9971a37da57d
Published: Sept. 15, 2023, 4 p.m.
Author: Chadou
Size: 459 KB
Tags: Wireshark PCAP Tomcat Network NetworkMiner
Password: cyberdefenders.org
Scenario
Our SOC team has detected suspicious activity on one of the web servers within the company’s intranet. In order to gain a deeper understanding of the situation, the team has captured network traffic for analysis.

Cyberdefenders - Redline

Redline
Info
Category: Digital Forensics
SHA1SUM: 7c54f50cefed2e2a8947368c0de41bbb665fe483
Published: June 2, 2023
Author: Ahmed Tammam
Size: 839 MB
Tags: Volatility NIDS Network Intrusion Detection System
Uncompress the challenge (pass: cyberdefenders.org)
Scenario
As a member of the Security Blue team, your assignment is to analyze a memory dump using Redline and Volatility tools. Your goal is to trace the steps taken by the attacker on the compromised machine and determine how they managed to bypass the Network Intrusion Detection System “NIDS”.

Cyberdefenders - Insider

Insider
Info
Category: Digital Forensics
SHA1SUM: d820264d825fdaeb2146bf7b4c4e03684e700007
Published: May 25, 2021
Author: Champlain College
Size: 83 MB
Tags: Disk Linux FTK Kali
Uncompress the challenge (pass: cyberdefenders.org)
Scenario
After Karen started working for ‘TAAUSAI,’ she began to do some illegal activities inside the company. ‘TAAUSAI’ hired you as a SOC analyst to kick off an investigation on this case. You acquired a disk image and found that Karen uses Linux OS on her machine.

Cyberdefenders - Bucket

Bucket
Info
Category: Digital Forensics
SHA1SUM: fb393619f09c8e9d7272f305329601645e5aa952
Published: Dec. 7, 2021
Author: Scott Piper
Size: 356 Bytes
Tags: AWS cloud IR ‘log analysis’
Unzip the challenge (pass: cyberdefenders.org)
Instructions
Use the provided credentials to access AWS CloudTrail logs and answer the questions.
Scenario
Welcome, Defender! As a SOC analyst, we’re granting you access to the AWS account called “Security” as an IAM user.

FCSC 2023 - APT Style

APT Style
Category: forensics
General description for the series
As CISO, you anticipate ~ belatedly ~ the migration of user workstations in your fleet to Windows 10. To do this, you ask one of your collaborators to prepare an installation ISO and, given how important it is that this installation medium be harmless, you decide to test it. You observe strange behaviors on the newly installed machine… You then decide to dissect this ISO in order to understand where these behaviors come from.