Recent DiscussionsMost RecentNo Solutions YetSolutionsNo Replies YetAPT29 Threat Hunting with Splunk: Demonstrate Your Skills - Question 10 In relation towards the question : A PowerShell script was initially executed to extract encoded data from an image file. What is the full ParentCommandLine field value used to execute this? I am p...SolvedThreat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 7 In relation to What is the device that tcpdump is dumping packets from? For some reason win-host-1.asgard.corp and win-host-1 does not work and NPF_{B1ADE8FD-CC9A-4857-9C50-28078779F038}...SolvedThreat Actors: Mint Sandstorm – Campaign Analysis - Question 9 In relation to the What named local variable holds the IP address from the for loop? I have been checking out the local varaibles but as per the for loop none of the variables typed in w...SolvedThreat Actors: APT43 - Question 7 In relation to What Resource Development technique was used to facilitate the hosting of beacons, implants, and file exfiltrators? For some reason Obtain Capabilities is wrong, and I trie...SolvedAPT34: PoisonFrog - Question 6 For the What is the name of the file that executes the HTTP and DNS handling scripts?, I am confused on where I should be digging deeper as the powershell script was showcased to be wrong in terms ...SolvedAPT34: Glimpse - Question 4 For What is the name of the Visual Basics script that is used to run the malicious PowerShell script?, I am wondering about where should I dig deeper into volatility into extracting the command his...SolvedHafnium: ProxyLogon (Offensive) - Question 3 For the FQDN, I am wondering about where I am going wrong as I am basically using the command expected of this lab. However, there wasn't any shell code provided nor any expecations of wha...SolvedHafnium: ProxyLogon (Offensive) - Question 3 For the FQDN, I am wondering about where I am going wrong as I am basically using the command expected of this lab. However, there wasn't any shell code provided nor any expecations of wha...SolvedHafnium: Detection of IoCs - Question 5 For the Which web shell in the auth folder matches those detected in the Microsoft report? What does the question mean by Microsoft Report? is it talking about the PowerShell ISE output? ev...SolvedApache Header Tampering Can someone point me to the right track? On this one, I found the hidden directory, used an X-Forwarded-For: to see into that directory where scanning for files showed a lot of 404s, with just a few ...SolvedRansomware: Darkside - Question 9 In terms of determining the name of the service that is installed after the ransomware was executed, there doesn't seem to be any service installation activities observed from the endpoint. Wonde...SolvedRansomware: Darkside - Question 8 For some reason there is no data in the Splunk terminal despite running the malware, I am wondering about why that may be an issue or if I should be looking else where? SolvedInvestigating IAM Incidents in AWS: Preparation - Question 7 For the question: The ‘MetrolioQA’ IAM role in your account grants write access to a ‘metrolio’ role from another account. What is the full name of the external principle? I can't seem to find insi...SolvedMobile Malware: Anubis Malware (Offensive) - Question 8,9 despite obtaining the encrypted value, seems like RC4 decryption doesn't work with zanubis as the password. I am wondering where should I pivot into? For question 9: where should I look int...SolvedModern Encryption Issue I'm on the last training under Modern Encryption training. I'm getting this error: ─$ openssl enc -des-ede3-cbc -d -pbkdf2 -nosalt -in encrypted_file_3DES.enc -out DES3 enter des-ede3-cbc decrypti...SolvedAI Agent Governance: Auditing an Over-Privileged Agent Hi, i solved every Task exept 16 i reviewed metrolio-finance-agent-role metrolio-finance-lambda-role and the Trust relationship Idont know what to do, i cant edit the trust policy either. ...SolvedOT Cyber Threat Intelligence: Collection / Question 14 https://immersivelabs.online/labs/ot-cyber-threat-intelligence-ep-3-collection/objectives/555bd71ddbebd6ab9b8e2e7dfc8254b7?objective-state=assigned I'm unable to find the answer to this question:...SolvedCross_site Scripting DOM-based XSS vulnerability I am doing the Cross-Site Scripting (XSS) DOM-based XSS lab and I am trying to get the last step of the lab which is identifying the DOM-based XSS vulnerability. I am pretty sure it would not be so...SolvedSystems Manager: Introduction - Question 2 For some reason I can't seem to create the Endpoint as per the briefing guide. Wondering what I am doing wrong SolvedMicrosoft Foundry Guardrails: Jailbreak Protection issue with http://metroliochat.com Hello, I started the Microsoft Foundry Guardrails series and got through creating a filter. The next step is to switch to the http://metroliochat.com tab and enter some prompts. However, that url is...Solved
Tagshelp & support250immersive labs147defensive cyber90offensive cyber64challenges60questions & feedback50cloud security48application security46other21immersive labs application security16
