Recent DiscussionsMost RecentNo Solutions YetSolutionsNo Replies YetThreat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 7 In relation to What is the device that tcpdump is dumping packets from? For some reason win-host-1.asgard.corp and win-host-1 does not work and NPF_{B1ADE8FD-CC9A-4857-9C50-28078779F038}...Threat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 3 For the question There is a .bat file that is executed on the victim machine. What is the file path of the .bat file?, for some reason I cant pick up any strings in general with that pattern. I am ...Threat Actors: Mint Sandstorm – Campaign Analysis - Question 9 In relation to the What named local variable holds the IP address from the for loop? I have been checking out the local varaibles but as per the for loop none of the variables typed in w...SolvedEthereum: The Blockchain, Transactions, and Explorers Hi All, I am super stuck on question 9' After completing the previous question, a certain number of ETH was sent to your wallet. Using the blockchain explorer, what is the address that sent you this...Microsoft Sentinel SOAR: Demonstrate Your Skills I have tried to complete the Microsoft Sentinel SOAR lab. I saw the following information, which is limiting my access. I am unable to complete any task that involves role assignment. I was able to c...Microsoft Sentinel SOAR: Demonstrate Your Skills I am currently working on the Microsoft Sentinel SOAR lab, which involves the use of logic app for automation. From task 4 of the lab, which requires me to do the below and the lab will automatically...APT43: Malware Analysis - Question 8 In relation to the type of files are they once extracted? After extracting the files, I was basically trying multiple file extensions, from XML type files, to VBA as per the briefing. I am wo...Threat Actors: APT43 - Question 7 In relation to What Resource Development technique was used to facilitate the hosting of beacons, implants, and file exfiltrators? For some reason Obtain Capabilities is wrong, and I trie...SolvedAPT34: PoisonFrog - Question 6 For the What is the name of the file that executes the HTTP and DNS handling scripts?, I am confused on where I should be digging deeper as the powershell script was showcased to be wrong in terms ...SolvedAPT34: Glimpse - Question 4 For What is the name of the Visual Basics script that is used to run the malicious PowerShell script?, I am wondering about where should I dig deeper into volatility into extracting the command his...SolvedHafnium: ProxyLogon (Offensive) - Question 3 For the FQDN, I am wondering about where I am going wrong as I am basically using the command expected of this lab. However, there wasn't any shell code provided nor any expecations of wha...SolvedHafnium: ProxyLogon (Offensive) - Question 3 For the FQDN, I am wondering about where I am going wrong as I am basically using the command expected of this lab. However, there wasn't any shell code provided nor any expecations of wha...SolvedApache Header Tampering Can someone point me to the right track? On this one, I found the hidden directory, used an X-Forwarded-For: to see into that directory where scanning for files showed a lot of 404s, with just a few ...SolvedRansomware: Darkside - Question 9 In terms of determining the name of the service that is installed after the ransomware was executed, there doesn't seem to be any service installation activities observed from the endpoint. Wonde...SolvedKerberos: Active Directory Certificate Services lab - getting KRB-ERROR (16): KDC_ERR_PADATA_TYPE_NOSUPP Lab: Kerberos: Active Directory Certificate Services - Labs - Immersive I am not able to get tgt ticket using this command .\Rubeus.exe asktgt /certificate:cert.pfx /user:Administrator /ptt ...Hafnium: Detection of IoCs - Question 5 For the Which web shell in the auth folder matches those detected in the Microsoft report? What does the question mean by Microsoft Report? is it talking about the PowerShell ISE output? ev...SolvedRansomware: Darkside - Question 8 For some reason there is no data in the Splunk terminal despite running the malware, I am wondering about why that may be an issue or if I should be looking else where? SolvedAI Blue Teaming Foundations: Introduction to AI Blue Teaming (Part 2) - Q7 Impossible https://iml.immersivelabs.online/v2/labs/ai-blue-teaming-foundations-introduction-to-ai-blue-teaming-part-2 Is it just me? OR is this lab impossible to complete? Modern Encryption Issue I'm on the last training under Modern Encryption training. I'm getting this error: ─$ openssl enc -des-ede3-cbc -d -pbkdf2 -nosalt -in encrypted_file_3DES.enc -out DES3 enter des-ede3-cbc decrypti...SolvedCross_site Scripting DOM-based XSS vulnerability I am doing the Cross-Site Scripting (XSS) DOM-based XSS lab and I am trying to get the last step of the lab which is identifying the DOM-based XSS vulnerability. I am pretty sure it would not be so...Solved
Tagshelp & support249immersive labs144defensive cyber90offensive cyber64challenges60questions & feedback49cloud security47application security46other21immersive labs application security16
