Hi, in this room we will exploit a vulnerable Domain Controller. Original Publish Date: Feb 28, 2023 We will need some tools likepython3-impacket, bloodhound and neo4j to utilize while attacking Active Directory. Installing bloodhound will install neo4j too on Kali. Enumeration: Welcome to Attacktive Directory Let’s start the machine, wait for it to boot up…

Check out Splunk 2 room on TryHackMe Based on version 2 of the Boss of the SOC (BOTS) competition by Splunk. Original Publish Date: Dec 31, 2022 100 Series Questions The first objective is to find out what competitor website she visited. What is a good starting point? When it comes to HTTP…

Hi, in this walkthrough I won’t be doing any other questions considering they already have answers within the room. Original Publish Date: Nov 28, 2022 As a SOC analyst, you have been tasked with investigations on malware and APT groups rampaging through the world. Your assignment is to look into…

Check out the Volatility room on TryHackMe Hi, in this walkthrough, I will try to explain investigation steps with Volatility. I won’t use any hints for the sake of doing this room black box. Reference I’m using is their GitHub wiki page Original Publish Date: Nov 20, 2022 Case 1 — BOB! THIS ISN’T A HORSE! Your SOC…

Check out the Scripting room on TryHackMe Original Publish Date: Sep 29, 2022 1 — Base64 This file has been base64 encoded 50 times — write a script to retrieve the flag. Try to do this in both Bash and Python! Read input from the file Use function to decode the file Do…

Check out Alfred room on TryHackMe Original Publish Date: Sep 29, 2022 1 — Initial Access Starting our enumeration with nmap like this command: nmap -A -Pn -vv -T5 -p- 10.10.81.101 | tee -a nmap_results.txt Flags that I’m using: For aggressive scanning (version & OS) -A Because machine does not respond to ping -Pn …

Check out the Net Sec Challenge room on TryHackMe Original Publish Date: Sep 29, 2022 After the virtual machine boots up, I start by scanning it with nmap and piping it to a file (tee -a <file>) (in case I need to look at the results again) Arguments I’m using: …

Use Autopsy to investigate artifacts from a disk image. In the attached VM, there is an Autopsy case file and its corresponding disk image. After loading the .aut file, make sure to re-point Autopsy to the disk image file. Ingest Modules were already ran for your convenience. Your task is…

A revitalized, hands-on showcase involving analyzing malicious macro’s, PDF’s and Memory forensics of a victim of Jigsaw Ransomware Task 1 Introduction (Zeltser Security Corp., 2020) Welcome to the Redux of REMnux. Since the release of the previous REMnux room, REMnux has had substantial changes, rendering the previous room outdated and impossible to complete. …