Analyzing a PCAP and Linux auth.log to investigate HTTP, RDP, and SSH brute-force activity, identifying successful credential compromise, and quantifying failed login attempts.
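One way to quantify the brute-force and spot the compromise in an auth.log, as an added example that is not code from the write-up above: the script below parses OpenSSH `Failed password` and `Accepted` events, counts failures per source IP and per username, and flags any successful login from an IP that had already failed repeatedly. The log lines and addresses are constructed for illustration, not taken from the investigated evidence.

```python
import re
from collections import Counter, defaultdict

# Constructed sample auth.log excerpt (not the write-up's evidence file).
# 203.0.113.5 sprays root/admin, fails three times, then succeeds and opens a session.
SAMPLE_AUTH_LOG = """\
Mar 10 12:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51122 ssh2
Mar 10 12:00:02 host sshd[1202]: Failed password for root from 203.0.113.5 port 51123 ssh2
Mar 10 12:00:03 host sshd[1203]: Failed password for root from 203.0.113.5 port 51124 ssh2
Mar 10 12:00:04 host sshd[1204]: Failed password for invalid user test from 198.51.100.9 port 40001 ssh2
Mar 10 12:00:05 host sshd[1205]: Accepted password for root from 203.0.113.5 port 51125 ssh2
Mar 10 12:00:06 host sshd[1205]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar 10 12:00:07 host sshd[1206]: Failed password for root from 203.0.113.5 port 51126 ssh2
"""

# OpenSSH formats: "Failed password for [invalid user ]<user> from <ip> port <port> ssh2"
#                  "Accepted <method> for <user> from <ip> port <port> ssh2"
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port (\d+)")
ACCEPTED_RE = re.compile(r"Accepted (\w+) for (\S+) from (\S+) port (\d+)")


def analyze_auth_log(text):
    """Tally failed logins per IP and per user, and record successes with prior failure counts."""
    failed_by_ip = Counter()
    failed_by_user = Counter()
    usernames_by_ip = defaultdict(set)
    successes = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FAILED_RE.search(line)
        if m:
            user, ip, _port = m.groups()
            failed_by_ip[ip] += 1
            failed_by_user[user] += 1
            usernames_by_ip[ip].add(user)
            continue
        m = ACCEPTED_RE.search(line)
        if m:
            method, user, ip, _port = m.groups()
            # failures_before is the count seen from this IP up to the success,
            # which is what distinguishes a brute-force win from a normal login.
            successes.append({"line": lineno, "method": method, "user": user,
                              "ip": ip, "failures_before": failed_by_ip[ip]})
    return {
        "failed_by_ip": dict(failed_by_ip),
        "failed_by_user": dict(failed_by_user),
        "usernames_by_ip": {ip: sorted(u) for ip, u in usernames_by_ip.items()},
        "successes": successes,
    }


def compromised_accounts(report, min_failures=3):
    """(user, ip) pairs that logged in only after min_failures or more failed attempts."""
    return [(s["user"], s["ip"]) for s in report["successes"]
            if s["failures_before"] >= min_failures]


if __name__ == "__main__":
    r = analyze_auth_log(SAMPLE_AUTH_LOG)
    print("failed attempts per IP:", r["failed_by_ip"])
    print("usernames tried per IP:", r["usernames_by_ip"])
    print("likely compromised:", compromised_accounts(r))
```

The same tally can be reproduced on the command line with `grep 'Failed password' auth.log | awk '{print $(NF-3)}' | sort | uniq -c | sort -rn`, but the script keeps the ordering needed to tie a success to the failures that preceded it, which a flat count loses.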
Analyzing an SMTP PCAP to identify leaked credentials, decode Base64 authentication data, extract and reconstruct an email attachment from network traffic, and verify file integrity through hashing.
Analyzing raw Apache access logs with Bash tools to identify reconnaissance with Nikto, forced browsing, a successful login brute-force, and command injection leading to account creation on the target system.
Analyzing a PCAP file to identify HTTP GET requests, enumerate server and client details from HTTP headers, and decode Basic Authentication credentials using Wireshark and CyberChef.
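Both the SMTP write-up above and this HTTP one come down to the same step: the credentials are on the wire as Base64, which is encoding, not encryption. The block below is an added example, not code from either write-up, that decodes an SMTP `AUTH LOGIN` exchange (and `AUTH PLAIN`, whose blob is `[authzid] NUL authcid NUL password` per RFC 4616) and an HTTP `Authorization: Basic` header, and pulls the `Host` and `User-Agent` headers used to enumerate client and server details. The session transcript, request and credentials are constructed samples; `S:`/`C:` prefixes mark server and client lines as one might copy them out of Wireshark's Follow TCP Stream.

```python
import base64
import re

# Constructed SMTP AUTH LOGIN exchange (not the write-up's PCAP). The two 334 prompts
# are base64 of "Username:" and "Password:"; the client replies are the credentials.
SMTP_SESSION = """\
S: 220 mail.example.test ESMTP
C: EHLO client.example.test
S: 250-mail.example.test
S: 250 AUTH LOGIN PLAIN
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6
C: dXNlcg==
S: 334 UGFzc3dvcmQ6
C: cGFzc3dvcmQ=
S: 235 2.7.0 Authentication successful
"""

# Constructed HTTP request carrying Basic credentials (not the write-up's PCAP).
HTTP_REQUEST = """\
GET /admin/ HTTP/1.1
Host: intranet.example.test
User-Agent: Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/115.0
Authorization: Basic dXNlcjpwYXNzd29yZA==
Accept: */*

"""


def _b64(s):
    """Decode Base64, tolerating padding dropped when values are hand-copied from a capture."""
    s = s.strip()
    s += "=" * (-len(s) % 4)
    return base64.b64decode(s)


def _client_lines_after(lines, idx):
    return [l[3:].strip() for l in lines[idx + 1:] if l.startswith("C: ")]


def extract_smtp_credentials(session):
    """Return (mechanism, username, password) from an AUTH LOGIN or AUTH PLAIN exchange, else None."""
    lines = session.splitlines()
    for i, line in enumerate(lines):
        if not line.startswith("C: "):
            continue
        parts = line[3:].split()
        if len(parts) < 2 or parts[0].upper() != "AUTH":
            continue
        mech = parts[1].upper()
        following = _client_lines_after(lines, i)
        if mech == "LOGIN":
            # Client answers the Username: and Password: prompts on its next two lines.
            if len(following) < 2:
                return None
            user = _b64(following[0]).decode("utf-8", "replace")
            pwd = _b64(following[1]).decode("utf-8", "replace")
            return ("LOGIN", user, pwd)
        if mech == "PLAIN":
            # Blob may be inline ("AUTH PLAIN <b64>") or sent on the next client line.
            blob = parts[2] if len(parts) > 2 else following[0]
            _authzid, authcid, passwd = _b64(blob).decode("utf-8", "replace").split("\0", 2)
            return ("PLAIN", authcid, passwd)
    return None


BASIC_RE = re.compile(r"^Authorization:\s*Basic\s+(\S+)", re.IGNORECASE | re.MULTILINE)
HEADER_RE = re.compile(r"^(Host|User-Agent|Server):\s*(.+)$", re.IGNORECASE | re.MULTILINE)


def extract_http_basic(request):
    """Return (username, password) from an Authorization: Basic header, else None."""
    m = BASIC_RE.search(request)
    if not m:
        return None
    user, _, pwd = _b64(m.group(1)).decode("utf-8", "replace").partition(":")
    return (user, pwd)


def http_header_summary(request):
    """Host / User-Agent / Server values, the fields used to fingerprint client and server."""
    return {k.title(): v.strip() for k, v in HEADER_RE.findall(request)}


if __name__ == "__main__":
    print(extract_smtp_credentials(SMTP_SESSION))
    print(extract_http_basic(HTTP_REQUEST), http_header_summary(HTTP_REQUEST))
```

The Wireshark display filters `smtp.req.command == "AUTH"` and `http.authorization` isolate the same packets interactively; the point of the script is that the decoding step needs nothing more than `base64`, so any credential sent this way over an unencrypted session should be treated as exposed to anyone who captured the traffic.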
Analyzing a suspicious PayPal-themed email by reviewing headers, identifying a deceptive return path, extracting a URL hosted on a trusted platform, validating domain reputation, and confirming phishing activity leveraging living-off-trusted-sites techniques.
Analyzing Shellshock attack activity in a PCAP file using Wireshark, identifying the target server details and the injected command.
Analyzing port scan activity in a PCAP file using Wireshark, identifying the scanning host, discovered systems, and network indicators.
Analyzing malicious Office documents exploiting MSHTML (CVE-2021-40444), using oletools to extract indicators, identify malicious domains and IPs, and investigate document-based exploitation.
Demonstrating cross-site scripting (XSS) exploitation, session cookie theft, and practical web application enumeration in a Very Easy web challenge.
Analyzing a malicious Excel 4.0 (XLM) macro document using XLMMacroDeobfuscator and oletools to identify process execution, regsvr32 abuse, and DLL payload behavior.
Analyzing a malicious Word document using VirusTotal to identify RTF exploit behavior, CVE-2017-11882 abuse, payload delivery, and network communication.
Analyzing a malicious XLS file using VirusTotal to identify detection signatures, dropped files, spyware download URLs, and file intelligence indicators.
Analyzing a malicious VBA macro document, decoding obfuscated hex strings, identifying payload delivery, and investigating HTTP communication and WMI execution techniques.
Analyzing a Sigma rule for detecting bitsadmin.exe abuse, explaining rule structure, detection logic, and ransomware-related process_creation monitoring.
Demonstrating Zip Slip exploitation, Jinja2 SSTI abuse, and Flask-based web application compromise within a Docker environment.