Cyberdefenders - Brave

Brave Info Category : Digital Forensics SHA1SUM : fa02a505471aeb89172f89cb27dd4e2eea14bb9e Published : June 20, 2021 Author : DFIRScience Size : 1.2 GB Tags : Volatility Memory Brave Windows Unzip the challenge (pass: cyberdefenders.org) Scenario A memory image was taken from a seized Windows machine. Analyze the image and answer the provided questions. Tools Volatility 3 CertUtil HxD Questions 1 - What time was the RAM image acquired according to the suspect system?

Cyberdefenders - DetectLog4j

DetectLog4j Info Category : Digital Forensics SHA1SUM : 6556e7d46e89bf2ea68e05cf101920e2de071a22 Published : Jan. 15, 2022 Author : CyberDefenders Size : 2.8 GB Tags : Windows Disk ransomware log4shell Uncompress the challenge (pass: cyberdefenders.org) Scenario For the last week, log4shell vulnerability has been gaining much attention not for its ability to execute arbitrary commands on the vulnerable system but for the wide range of products that depend on the log4j library. Many of them are not known till now.

Cyberdefenders - DumpMe

DumpMe Info Category : Digital Forensics SHA1SUM : 70f1bafca632f7518cb0a0ee126246b040247b37 Published : May 30, 2021 Author : Champlain College Size : 1.2 GB Tags : Volatility DFIR Windows Memory Scenario One of the SOC analysts took a memory dump from a machine infected with Meterpreter malware. As a Digital Forensicator, your job is to analyze the dump, extract the available indicators of compromise (IOCs) and answer the provided questions. Tools Volatility 2 sha1sum Questions 1 - What is the SHA1 hash of Triage-Memory.

Cyberdefenders - HawkEye

HawkEye Info Category : Digital Forensics, Malware Analysis SHA1SUM : bd7239a7c1e33f4d616242fe892888befc9fashed Published : March 3, 2022 Authors : Brad Duncan and Manuel GRegal Size : 1.3 MB Tags : PCAP WireShark Network BRIM Uncompress the challenge (pass: cyberdefenders.org) Scenario An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was observed shortly after opening the email. As a SOC analyst, investigate the network trace and analyze exfiltration attempts.

Cyberdefenders - l337 S4uc3

l337 S4uc3 Info Category : Digital Forensics, Incident response SHA1SUM : 94ac99ef544086f0be9f5f6b00ae1a0834b0027b Published : Nov. 16, 2021 Author : Wyatt Roersma Size : 117 MB Tags : Wireshark PCAP Memory Network Uncompress the challenge (pass: cyberdefenders.org) Scenario Everyone has heard of targeted attacks. Detecting these can be challenging, responding to these can be even more challenging. This scenario will test your network and host-based analysis skills to figure out the who, what, where, when, and how of this incident.

Cyberdefenders - MrRobot

MrRobot Info Category : Digital Forensics SHA1SUM : b8dab80336c37688f276bfbfac0ac1681398a30d Published : May 18, 2022 Author : Wyatt Roersma Size : 1.1 GB Tags : PHISHING WINDOWS MEMORY RAT Scenario An employee reported that his machine started to act strangely after receiving a suspicious email for a security update. The incident response team captured a couple of memory dumps from the suspected machines for further inspection. Analyze the dumps and help the IR team figure out what happened!