Posts for: #Web

GothamLegend Incident Response – PowerShell Malware Analysis

Scenario

Recently the networks of a large company named GothamLegend were compromised after an employee opened a phishing email containing malware. The damage caused was critical and resulted in business-wide disruption. GothamLegend had to reach out to a third-party incident response team to assist with the investigation. You are a member of the IR team - all you have is an encoded PowerShell script. Can you decode it and identify what malware is responsible for this attack?

LetsDefend HTTP Basic Authentication Analysis – PCAP Investigation

Description

In this challenge, we receive a log indicating a possible web-based attack. The objective is to analyze a provided PCAP file and extract meaningful information related to HTTP activity and authentication.

Investigation Process

Recovering the PCAP File

The PCAP was initially obtained in a VM, and from there I obtained the files. The following commands were used to take the files out of the VM; as there was not much network traffic, the file was not large: