Scenario You are a junior security analyst at a small Japanese cryptocurrency trading company. After detecting suspicious activity on the internal network, you exported a PCAP for further investigation.
Description In this challenge, we receive a log indicating a possible web-based attack.
The objective is to analyze a provided PCAP file and extract meaningful information related to HTTP activity and authentication.
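As an added illustration of that objective (this script is not part of the original writeup or the challenge files), the following Python walks a classic pcap with only the standard library, picks out single-segment HTTP requests and responses, and decodes any Basic Authorization header it finds. The capture it reads is constructed inline; the host wallet.internal, the 10.0.0.x addresses and the admin:hunter2 credential are invented for the example.

```python
import base64
import binascii
import struct

# --- Constructed sample capture (not the challenge PCAP) --------------------

def _tcp_frame(src_ip, dst_ip, sport, dport, payload):
    """Wrap payload in Ethernet/IPv4/TCP headers. Checksums are left zero;
    the parser below never verifies them, which is fine for extraction."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 1,
                     0x4000, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip + tcp + payload

def build_sample_pcap():
    """Two-packet pcap: a GET carrying Basic auth, then the server's 200 reply."""
    req = (b"GET /admin/ HTTP/1.1\r\nHost: wallet.internal\r\n"
           b"Authorization: Basic " + base64.b64encode(b"admin:hunter2") + b"\r\n"
           b"User-Agent: curl/8.0\r\n\r\n")
    resp = b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"
    frames = [_tcp_frame("10.0.0.5", "10.0.0.20", 51000, 80, req),
              _tcp_frame("10.0.0.20", "10.0.0.5", 80, 51000, resp)]
    # Global header: magic, version 2.4, tz 0, sigfigs 0, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

# --- Minimal pcap walker ----------------------------------------------------

def iter_frames(data):
    """Yield (timestamp, frame bytes) for each record of a classic pcap."""
    magic = struct.unpack("<I", data[:4])[0]
    if magic == 0xA1B2C3D4:
        e = "<"
    elif magic == 0xD4C3B2A1:
        e = ">"
    else:
        raise ValueError("not a classic pcap (pcapng is not handled here)")
    if struct.unpack(e + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    off = 24
    while off + 16 <= len(data):
        ts_sec, _usec, incl_len, _orig = struct.unpack(e + "IIII", data[off:off + 16])
        off += 16
        frame = data[off:off + incl_len]
        if len(frame) < incl_len:
            break  # truncated final record: stop rather than misparse
        off += incl_len
        yield ts_sec, frame

def parse_http(frame):
    """Return a dict for a single-segment HTTP request/response, else None."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None  # not IPv4 over Ethernet, or not TCP
    ihl = (frame[14] & 0x0F) * 4
    tcp = 14 + ihl
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:]
    head = payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    first = head[0].split(b" ", 2)
    rec = {"src": ".".join(map(str, frame[26:30])), "sport": sport,
           "dst": ".".join(map(str, frame[30:34])), "dport": dport}
    if len(first) == 3 and first[2].startswith(b"HTTP/"):
        rec.update(kind="request", method=first[0].decode(), path=first[1].decode())
    elif len(first) >= 2 and first[0].startswith(b"HTTP/") and first[1].isdigit():
        rec.update(kind="response", status=int(first[1]))
    else:
        return None  # TCP payload that is not the start of an HTTP message
    headers = {}
    for line in head[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode(errors="replace")
    rec["host"] = headers.get("host")
    rec["credentials"] = None
    auth = headers.get("authorization", "")
    if auth[:6].lower() == "basic ":
        try:
            decoded = base64.b64decode(auth[6:], validate=True).decode(errors="replace")
            user, _, pw = decoded.partition(":")
            rec["credentials"] = (user, pw)
        except (binascii.Error, ValueError):
            pass  # malformed token: keep the request, report no credentials
    return rec

def extract_http(data):
    """All HTTP messages found in the capture, in record order."""
    return [dict(rec, ts=ts) for ts, frame in iter_frames(data)
            if (rec := parse_http(frame)) is not None]

if __name__ == "__main__":
    for r in extract_http(build_sample_pcap()):
        print(r)
```

Two caveats worth keeping in mind when pointing this at a real capture: it only sees HTTP messages whose headers fit in one TCP segment, so large POSTs or requests split across segments need stream reassembly (Wireshark's Follow TCP Stream or tshark's `-z follow` does this), and it rejects pcapng files, which is what recent Wireshark versions write by default.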
Investigation Process Recovering the PCAP File The PCAP was originally captured inside a VM, so the first step was to get the file out of it.
The following commands were used to copy the files out of the VM; there was not much network traffic, so the capture was small: