Welcome🖐

Refer to Malbuster for the challenge room on TryHackMe Scenario As a Malware Reverse Engineer. Our team supports the SOC team when unknown binaries are detected. A SOC analyst found an alert triggered by suspicious binaries. Our job is to analyze these binaries and provide information to help the SOC... [Read More]

Refer to Investigating Windows for the challenge room on TryHackMe Scenario This challenge involves investigating a previously compromised Windows machine, presenting several key obstacles. Tasks #1 What’s the version and year of the windows machine? By going to "About" in Windows settings, we can find the machine's version and year.... [Read More]

Refer to Boogeyman3 for the challenge room on TryHackMe Scenario The Boogeyman bypassed Quick Logistics LLC's security by compromising an employee and remained undetected, waiting to launch further attacks. From initial email access, the attackers targeted CEO Evan Hutchinson to escalate their efforts.The email seemed suspicious, yet Evan opened the... [Read More]

Refer to Boogeyman2 for the challenge room on TryHackMe Artefacts For the investigation, we will receive the following items: A copy of the phishing email. A memory dump of the victim's workstation. Tools $ volatility_3: An open-source framework for extracting data from RAM samples. Note: It may take a few... [Read More]

Refer to Boogeyman1 for the challenge room on TryHackMe Artefacts For the investigation, we will be provided with the following artefacts: Copy of the phishing email (`dump.eml`) PowerShell logs from Julianne's workstation (`powershell.json`) Packet capture from the same workstation (`capture.pcapng`) Note: The powershell.json file contains JSON-formatted PowerShell logs extracted from... [Read More]