N0cT1s41

1. Case Overview:An employee at a large company was assigned a task with a two-day deadline. Realizing that he could not complete the task in that timeframe, he sought help from someone else. After one day, he received a notification from that person who informed him that he had managed to finish the assignment and sent it to the employee as a test. However, the person also sent a message to the..

해당 문제는 CyberDefenders의 CorporateSecrets Lab 문제에 대한 풀이입니다Q1. What is the current build number on the system?FTK Imager를 통해 SOFTWARE를 추출하고 Registry Explorer로 열어 Current Version-Current Build Number를 보면 확인 할 수 있다.Q2.How many users are there?FTK Imager에서 Users를 확인하면 사용자를 확인 할 수 있다.Q3.What is the CRC64 hash of the file "fruit_apricot.jpg"?CRC-64 hash cheksum이라 검색해보니 Toolkit Bay 사이트를 확인할 수 있었다.Q4. Wha..

해당 문제는 CyberDefenders의 Szechuan Sauce Lab 문제에 대한 풀이입니다.1. Case Overview: Your bedroom door bursts open, shattering your pleasant dreams. Your mad scientist of a boss begins dragging you out of bed by the ankle. He simultaneously explains between belches that the FBI contacted him. They found his recently-developed Szechuan sauce recipe on the dark web. As you careen past the door frame you are a..

해당 문제는 CyberDefenders의 Sysinternals Lab 문제에 대한 풀이입니다.1. Challenge descriptionA user thought they were downloading the SysInternals tool suite and attempted to open it, but the tools did not launch and became inaccessible. Since then, the user has observed that their system has gradually slowed down and become less responsive. As a SOC Analyst, analyze the artifacts and answer the questions. Q1. ..

보호되어 있는 글입니다.

해당 문제는 CyberDefenders의 RedLine Lab 문제에 대한 풀이입니다.1. Challenge descriptionAs a member of the Security Blue team, your assignment is to analyze a memory dump using Redline and Volatility tools. Your goal is to trace the steps taken by the attacker on the compromised machine and determine how they managed to bypass the Network Intrusion Detection System "NIDS". Your investigation will involve identi..