Most Recent
-
Velociraptor: WALKTHROUGH
In this room, we will explore Rapid7’s newly acquired tool known as Velociraptor. Per the official Velociraptor documentation, “Velociraptor is a unique, advanced open-source endpoint monitoring, digital forensic and cyber response platform. It was developed by Digital Forensic and Incident Response (DFIR) professionals who needed a powerful…
-
Disgruntled: WALKTHROUGH
Hey, kid! Good, you’re here! Not sure if you’ve seen the news, but an employee from the IT department of one of our clients (CyberT) got arrested by the police. The guy was running a successful phishing operation as a side gig. CyberT wants us to check if…
-
Unattended: WALKTHROUGH
Welcome to the team, kid. I have something for you to get your feet wet. Our client has a newly hired employee who saw a suspicious-looking janitor exiting his office as he was about to return from lunch. I want you to investigate if there…
-
Intro to Malware Analysis
Every once in a while, when you are working as a SOC analyst, you will come across content (a file or traffic) that seems suspicious, and you will have to decide whether that content is malicious or not. It is normal to feel confused with all the…
-
TheHive Project
Welcome to TheHive Project Outline! This room will cover the foundations of using TheHive Project, a Security Incident Response Platform. Specifically, we will be looking at: Before we begin, ensure you download the attached file, as it will be needed for Task 5. TheHive…