Forum Widgets
Recent Discussions
Templates do not add systems
Hello everybody, I just registered yesterday for snaplabs and wanted to deploy a template (does not matter which, I tried several). The problem I am encountering is, that snaplabs does not add any systems to the range and keeps on hanging. Here are some screenshots: Here are no instances listed: Also in the AWS dashboard, nothing but the IP shows up: What is wrong here? I simply clicked on a template, did not even change the name
Incident Response Introduction to Detection Engineering: Ep.5 – Custom Alerting
Task 3 - Note: It may take a couple of minutes for the token to appear in the index. I'm struggling with the python that it's been taking too long to create a custom_alert_index to autimatically complete it. it's in Task 3 and I need the good code for the task to be completed and the token as well.
Snort Rules Ep.10 Q7
Stuck in Q7: Identify the suspicious domain that appears in both PCAP files. Create a Snort Rule to detect packets using this domain from the IP address in question 2. I've identified the domain used by the IP address in Q2. I've tried different ways but can't seem to narrow it down. Already spent so much time with this one question. I've answered 12 of 13. This is the only one left and I don't know what I'm missing. Am I misunderstanding the question? Here's my rule: alert tcp any any -> any 80 (msg: "Testing Alert" ; sid:1000001; content:"7b2cdd48.ngrok.io";) I've tried modifiers, I tried narrowing filter to just GET methods, actually specifying the destination or source IP and ports, adding "http://" to content. Sometimes I would narrow it down to matching 4 packets which is still "too many", or down to two packets, which is "not enough"... which tells me I need to match three packets. Any hints would be much appreciated at this point. Thanks!
Cross_site Scripting DOM-based XSS vulnerability
I am doing the Cross-Site Scripting (XSS) DOM-based XSS lab and I am trying to get the last step of the lab which is identifying the DOM-based XSS vulnerability. I am pretty sure it would not be something like <script> alert("xss") </script> since I do not think Javascript would handle it. I am leaning towards the event handlers like onerror but haven't gotten it figured out quite yet. Any clues or suggestions would be appreciated.Create Teams for Students and assign tasks to be completed
Dear community, being a professor at a university, I'm trying to create a group where i can invite students in order to complete the tasks of a laboratory that are important to the subject we are learning. I have had the experience on the past but as I see a lot has changed and I cant find how to do that now. Can someone guide me through process please?
Trick or Treat on Specter Street: Widow's Web
I am very stucked in Trick or Treat on Specter Street: Widow's Web I can't do none of the questions, but in any case I start by 4th that is the first answerable one Your first task is to simulate the loyal Crawlers. Run legitimate-crawler and inspect the output in Lab-Files to observe their behavior. To simulate the rogue Crawlers, you must discover the hidden paths on the website. Read the blog posts – they contain clues. Disallow these in Website-Files/robots.txt and run malicious-crawler. Inspect the output in Lab-Files. What is the token? I have created the robots.txt file since I understand that malicious-crawler goes expressedly there. My robots.txt contains all url's I can imagin Disallow: /secret Disallow: /treat Disallow: /hidden Disallow: /crypt Disallow: /warden Disallow: /rituals Disallow: /witch-secrets Disallow: /admin Disallow: /vault Disallow: /uncover Disallow: /post1 Disallow: /post2 Disallow: /post3 Disallow: /post4 Disallow: /contact Disallow: /drafts/rituals But the result of malicious-crawler.txt doesn't give me either a token nor a hint I have curl-ed all pages looking for words as token and nothing. I have found some key words in http://127.0.0.1:3000/witch-secrets as intercepted-incantations, decoded them and nothing. I have searched in spider-sigthings.log what hapened at 3.00 am but nothing Can someone gime me a hint?
CTI First Principles: Threat Actors and Attribution Question 8
For the question: Which sub-technique has been attributed to this threat actor in the Credential Access Tactic? as the briefing was talking about phishing through attachment, for some reason, the answer Spearphishing Attachment, was not correct. I am wondering about where else I shoud be looking into as the main report mostly taked about email delivery methods in terms of initial access to credentials
If your question has been answered, help others by clicking:
