Forum Discussion

Bronze I

8 months ago

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Hello! I could rather easily get the answers for the other questions, but Q6 has really taken me aback. The question is: A PowerShell script was executed to assist with further enumeration. What co...

defensive cyber

RobN

Bronze III

8 months ago

As far as I remember on these labs I searched for the powershell codes within elasticsearch and then looked at what it was passing alongside powershell.exe

Forum Discussion

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Featured Places

Help & Support Forum

Related Content

APT29 Threat Hunting with Elasticsearch: Ep.5 – LNK File Analysis - Tools?

APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills - Question to Q9

S3: Demonstrate Your Skills

APT29 Threat Hunting with Splunk: Ep.4 – Clean-up & Reconnaissance

Zeek - Demonstrate Your Skills

Recent Discussions

Advanced CTF Challenge: Inner Maze

Advanced CTF Challenge: Hardened Maze

"You are not licensed to view this lab"

Serial Maze Support Group

Unable to access Developer tools in the lab