Human Connection Challenge: Season 1 – Scanning Walkthrough Guide (Official Version)
Time’s Up! Congratulations to everyone who completed Lab 2: Scanning from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge. This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. I’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <name server>, please make sure you replace it with the actual value, such as nameserver. With all that considered, let's get started. Overview Task: Identify the name server records of tinytown.bitnet. 1. What is the IP of the first name server for tinytown.bitnet? You’ll first need to open a Terminal on the Kali desktop. Next, you’ll need to query the DNS Server IP (found in the Machines panel) about the tinytown.bitnet domain using the nslookup (Name Server Lookup) tool. You’re specifically looking for NS (Name Server) records, so you can use the -type=ns parameter with nslookup to specify this: nslookup -type=ns tinytown.bitnet [DNS Server IP] The output of this command will return two name servers for the domain labelled with 1 and 2. Your next step is to identify what IP address is associated with the first name server (1). To do this, you can use nslookup along with the name server, domain, and DNS Server IP: nslookup <name server>1.tinytown.bitnet [DNS Server IP] This command will then return an IP address for the name server. 2. What is the IP of the second name server for tinytown.bitnet? As you’ve already identified both name servers, you’ll just need to run the previous command, except with the second (2) name server: nslookup <name server>2.tinytown.bitnet [DNS Server IP] You’ll then find the IP address associated with it. Task: Identify port service information for Target 1. 3. What service version is running on port 53? A network scanning tool like Nmap can help you identify the service version running on a specific port. To do this with Nmap, you can use the -sV option for service detection: nmap -sV [Target 1 IP Address] The output will show what service version is running on port 53. 4. What is the full service banner of port 22? There are a couple of ways to find the full service banner of port 22 – such as with Nmap or Netcat. If you’re using Nmap, you can modify the previous command to include the “banner” script along with the port number: nmap -sV -script=banner [Target 1 IP Address] -p22 The command line will then display the service banner from port 22. You can alternatively use netcat to manually connect to the SSH server. When a client connects, Netcat may present a banner that contains version information. To use Netcat, you’ll need the nc command along with the Target 1 IP address and specify you want to connect to port 22: nc [Target 1 IP Address] 22 When you run this command, the banner appears before the terminal hangs. Task: Identify a token on one of the ports. 5. What is the token? With the previous Nmap command, you initially found that three ports were open on Target 1. However, you’ll need to do a more thorough network scan to find another open port, one not initially found with the previous scans. To do this, you can expand your port scan to cover a much wider range by using Netcat to scan for open ports from 1 through 9000: nc -zvn <Target 1 IP Address> 1-9000 Here, -z will scan for listening services but won’t send any data, -v is verbose mode, which provides more detailed information, and -n tells Netcat not to resolve hostnames via DNS. This command will reveal a fourth open port. Now, you can use Netcat to connect to this port: nc <Target 1 IP Address> <open port> The token will then be displayed in the terminal. Task: Scan the TLS configuration on Target 2. 6. How many protocols are enabled? To scan for SSL/TLS configurations, you can use the sslscan tool. By default, sslscan scans port 443 and will return supported server ciphers, certificate details, and more. You can use sslscan like this: sslscan <Target 2 IP Address> The returned output will be verbose, but you can find and count the number of enabled protocols under the SSL/TLS Protocols subheading. 7. Name an enabled protocol. Using the previous output, name one of the enabled protocols. 8. What exploit are the protocols NOT vulnerable to? Using the same output, scroll down through the results until you find a subheading that’s named after a vulnerability and contains a similar string to: <Protocol> not vulnerable to <vulnerability name> The vulnerability has the same name as the subheading. Task: Identify and extract information from an SMB share on Target 3. 9. What Disk shared directory can you access? To extract information from an SMB (Server Message Block) share, you can use the smbclient tool. First, you’ll need to list the SMB shares on the target using the -L flag (the list/lookup option) with: smbclient -L //<Target 3 IP> You’ll then be prompted for a password, but you can press Enter to skip this. A list of SMB shares will then be displayed, three of which are shown to be a Disk type, so you know the answer will be one of these. You can now begin to go through the list and try to connect to the shares with: smbclient //<Target 3 IP>/<Sharename> However, this time when you’re prompted for a password and you press Enter, you might encounter a message when you try and connect to a share: NT_STATUS_ACCESS_DENIED If you attempt to connect to all shares, you’ll find you can connect to one share without a password. You’ll then be greeted with the following prompt to show the successful connection: smb: \> 10. What is the token stored in the directory? Now that you’re connected, you can execute commands to interact with the SMB share. If you run ls, you’ll find a token.txt file in the current directory. You can then download the file from the share onto your local machine with: get token.txt On the Kali desktop, open the Home folder and the token.txt will be inside. Open this file and find the token. 11. What is the username stored in the directory? After you’ve run ls in the SMB share, you’ll find not only token.txt, but also a file named creds.txt. Use the same command as you just did previously to download the file onto your machine: get creds.txt This file will also be downloaded to the Home folder, where you can find a username and password. Task: Identify open services on Target 3. Task: Connect to Target 3 with the previously found credentials. 12. What is the token stored in the user's /Documents directory? For this final task, you first need to scan the target using Nmap. You’ll find that if you attempt to scan the target without using the -Pn flag, you’ll get a response saying that the host seems down. However, if you run Nmap with -Pn, you’ll find some ports are open: nmap -Pn <Target 3 IP Address> However, the ports returned from this command don’t offer a way to connect to the target. You’ll also need to scan the 6000 most popular ports: nmap -Pn --top-ports 6000 <Target 3 IP Address> These results will now show two additional ports are open regarding the Web Services Management (Wsman) protocol, which is used to communicate with remote machines and execute commands. One of the tools that implement this protocol is Windows Remote Management (WinRM) which is Microsoft’s implementation of Wsman. Knowing this, you can now use Metasploit to interact with the target. In your terminal, run: msfconsole Once loaded, you can use the the following auxiliary module to connect to a system with WinRm enabled and execute a command with: set cmd ls You’ll then need to set the following options, using the credentials you found in the creds.txt file: set username <username> set password <password> set rhosts <Target 3 IP Address> Next, you need to set the cmd option with the command you want to run. If you use the ls command, you’ll be able to find what out files are in the directory you connect to: set cmd ls With all the options set, you can now run the module: run The results of the executed command will be printed on the screen and also saved to a directory, but both show the existence of a token.txt file in the current directory. You can now set the cmd option to type token.txt in Metasploit: set cmd type token.txt Once set, use the run command to send the updated command: run The contents of token.txt will then be displayed on the screen and outputted to a file. Tools For this challenge, you’ll use a range of tools including: Nslookup Nmap Netcat Sslscan Smbclient Metasploit Tips You can use different tools and parameters within those tools to scan for and find information, so don’t be afraid to try out a few different things! If you want to learn more about some of the tools within this lab, take a look at the following collections: Reconnaissance Nmap Infrastructure Hacking Introduction to Metasploit Post Exploitation with Metasploit Conclusion The steps I’ve laid out here aren’t the only way to find the answers to the questions, as long as you find the answer, you did it – well done! If you found another way to find some of these answers and think there’s a better way to do it, please post them in the comments below! I hope you enjoyed the challenge and I’ll see you for the next one.Mastering Crisis Sim: 5 Tips for Easy Customization
Drawing on three years of Crisis Sim experience, I’ve identified five essential elements that consistently lead to successful custom simulations. 1. Have a good plan Having a plan is vital to dealing with a crisis, and the same thing goes for creating a Crisis Sim. When planning a crisis scenario, it can be extremely helpful to have a general outline of the storyline, different branches, and specific IR goals to hit before creation begins. This can be done in many different ways, depending on your preference. A whiteboard session, document outline, Figma, or even pen and paper can help outline different injects, attack vectors, and responses. 2. Use naming conventions to keep things organized When creating a multi-branch exercise, injects can often be reused or slightly modified to engage users and reflect the impact of their previous choices. However, with multiple copies of injects, it can be difficult to track which inject links to which option or how it flows into other branches. Organizations have found that using simple naming conventions greatly reduces confusion. For example, including the inject number and different branches ([Inject], [Branch]) provides a clear visual and numerical reference. This approach is especially helpful when managing copied injects with identical titles. 3. Create useful attachments Crisis Sims and tabletops are all about engaging the audience and immersing them in the scenario. Adding useful attachments can significantly enhance realism with minimal effort. Attachments in injects provide context, information, or illustrate the effects of previous decisions. Organizations often use sanitized SOC screenshots, short videos featuring leaders, or their IR playbook to drive engagement. With support for various file types, these additions make scenarios more interactive and realistic. 4. Flexible interludes Interludes are a new type of inject in Crisis Sim that don’t require action or voting from participants, offering versatile use cases. Interludes can be used to bring the audience back to the main branch if they begin to choose options that aren’t in line with playbooks, framing it as a decision made by a manager or leader. Interludes can also be used as a conversation starter rather than relying on voting, as conversation is key during crisis exercises. Instead of listing a few options, interludes can allow for open-ended questions, which lead to discussions on the best next steps or things to consider as the scenario progresses. Interludes can also introduce new issues and provide more context. 5. ‘Create with AI’ to get started ‘Create with AI’ is a new feature in Crisis Sim that allows organizations to create customized scenarios with artificial intelligence. This feature is great at getting a highly customized scenario started, all within a few minutes. When using ‘Create with AI’, it’s vital to provide as much information within the title as you can. Giving more information within the prompt will lead to a better scenario. Additionally, AI is still growing and improving, so take a deep look at the scenario after creation and make alterations where needed. Share your thoughts Have you got any top tips for customizing Crisis Sims? Comment below and share them with The Human Connection Community!Making the Most of the Custom Lab Builder: Tone of Voice
Now you can build your own labs in the Custom Lab Builder, we thought we’d provide some guidance on writing with a strong tone of voice to ensure your labs are as engaging as possible. This blog is the third in a series on making the most of the Lab Builder, looking at what we call the Four Cs. Ensuring your writing is… Conversational Concise Conscious Consistent The previous two posts looked at accessibility and inclusivity. This post focuses on tone of voice and how to write authentically to ensure your audience engages with the lab and remembers the message you’re trying to teach them. Writing well For most of your life, you’ve probably been told to write properly. Avoid contractions at all costs. Use complex sentences with plenty of fancy connecting words like “furthermore” and “moreover”. And never start a sentence with “and”. This formal style works really well for some industries. Academia is traditionally an incredibly formal area when it comes to the written word, as is the broadsheet newspaper realm. This is often to reflect the work’s sincerity, to avoid weakening a writer’s reputation, and to present ideas consistently and objectively. But Immersive Labs believes writing can be sincere and objective without being so... dull! Be conversational Copywriting is increasingly conversational, appearing everywhere from LinkedIn posts to the back of your milk carton. This style engages readers by feeling personal and authentic, aligning with Richard Mayer’s Personalization Principle, that people learn more deeply when words are conversational rather than formal. A human-to-human copywriting style makes sense for Immersive Labs, as we’re all about focusing on the humans behind the screens. When using the Lab Builder, we recommend writing your labs in an engaging, approachable style to create a modern, user-friendly learning environment. But conversational doesn’t mean sloppy. It’s about presenting ideas clearly and confidently, helping users feel at ease while they learn. Use everyday, concrete language Using fancy, complex words doesn’t make content better – it can actually distract readers and undermine clarity. Instead, prioritize clear, straightforward language to ensure your message is easy to understand, especially by users with cognitive disabilities. Avoid overly poetic phrases, figures of speech, idioms, or ambiguous language, which can confuse or overwhelm readers, including those with autism spectrum conditions. Strive for clarity to help users grasp your message the first time, keeping their needs front and centre. Address the reader Authenticity is all about gaining your reader’s trust. We recommend speaking directly to them in your custom labs by using “you” throughout your copy. This handy trick also avoids any ambiguity when it comes to practical tasks. Take the following example. “In this lab, the machine must be analyzed and IoCs must be extracted.” Instead of being vague and passive, we recommend talking directly to the reader and telling them exactly what they need to do. “In this lab, you need to analyze the machine and extract IoCs.” Or better yet, you can be even more direct by cutting that down even further: “In this lab, analyze the machine and extract IoCs.” Our labs and scenarios frequently talk directly to the reader. Users are more likely to stay engaged when they’re spoken to, not at. Use contractions Contractions instantly make your writing more conversational by mimicking natural speech. Combining words like "it is" to "it’s" or "you are" to "you’re" adds a touch of informality that feels approachable and inclusive. While once discouraged in formal writing, contractions are ideal for a modern learning environment, making text easier to read, understand, and remember. Be concise Writing in plain language is good for all users, but can make a massive difference for neurodivergent users, those who struggle to focus, those who hyperfocus, or maybe those who find reading difficult. We follow recommendations from the Advonet Group, the British Dyslexia Association, and Clark and Mayer’s Coherence Principle to ensure accessibility for a diverse audience – and you should too! Writing simply and clearly doesn’t mean trivializing content or sacrificing accuracy; it just makes your message easier to understand. After all, no one's ever complained that something's too easy to read! The difficulty comes when balancing this with technical content. How can you make advanced, complex cybersecurity topics clear and concise? Keep it short and sweet Sentences longer than 20 words become difficult to understand and can detract from the point being made. It’s easy for people’s minds to wander, so get to your point in as few words as possible. The same goes for paragraphs. Try and avoid long, dense walls of text. Nobody wants to read that, and it’s no good when thinking about accessibility. Keep your paragraphs to four or five lines, maximum. Get to the point Avoid adding unnecessary side notes to your labs, as they can distract from the main message and make learning harder. Unnecessary content distracts the learner’s attention from the main message, making them less likely to remember the core topic. It disrupts the connections between key messages and diverts the learner’s focus, making it harder to piece together the bigger picture. This is all down to cognitive load theory, which says that in general, humans can handle around four pieces of new information at any one time. To help users focus, stick to the lab's core topic and avoid overloading them with unrelated details. TL;DR When writing your labs with the Custom Lab Builder, ensure all your text is conversational to engage your users with the topic. And also make all your copy as concise as possible. Getting your message across in as few words as possible will reduce cognitive overload, boredom, and frustration. By focusing on being conversational, as well as being consistent and conscious (as we covered in the previous blog posts in this series), your readers will engage with your content better, remember the topic, and be able to put it into practice more easily – improving their cybersecurity knowledge and driving their cyber resilience. Share your thoughts! What do you think about these tone of voice tips when writing your custom labs? Have you tried to write your labs in a conversational yet concise way, and how did this go down with your users? Do you have any other suggestions for the community on how to write conversationally? We’d love to hear from you!Making the Most of Custom Lab Builder: A Guide to Writing Inclusively for All
Language shapes how people perceive and engage with content, so it’s crucial to consider the kind of words you use. Using outdated terminology can offend and disengage learners, as well as hurt a company’s reputation. This blog is the second in a series on making the most of the Lab Builder, looking at what we call the Four Cs. Ensuring your writing is… Conscious Consistent Conversational Concise The previous post in this series looked at accessibility. In this post, we’ll explore what it means to write consciously and inclusively, share practical tips, and show how our platform supports this critical effort. Why is inclusive language important? Inclusive language avoids bias, respects diversity, and ensures accessibility for all. In cybersecurity, it means using terms that foster collaboration and trust, avoiding outdated or harmful phrases, and creating welcoming and empowering content The Quality Team at Immersive Labs is committed to staying up to date with how language changes in the cyber industry. We regularly undertake research and speak to other industry professionals to ensure that our language is appropriate. Words to avoid We recommend avoiding specific terms that some people may find offensive, and some socially charged language that may have negative connotations. Non-inclusive language to avoid Preferred inclusive versions Whitelist/Blacklist Allowlist/Denylist White hat/Black hat hackers Ethical/Unethical hackers Master/Slave Leader/Follower, Primary/Replica, Primary/Standby Grandfathered Legacy status Gendered pronouns (e.g. assuming “he/him/his”) They, them, their Gendered pronouns (e.g. “guys”) Folks, people, you all, y’all Man hours, man power Hours, engineer hours, workforce, staffing Man-in-the-middle attack Machine-in-the-middle attack Sanity check Quick check, confidence check, coherence check Dummy value Placeholder value, sample value Crazy, insane Amazing, incredible, or any other appropriate adjective Socially charged words Preferred inclusive versions Native Built-in, default, pre-installed, integrated, core Abort Stop, cancel, end, force quit Cripple Disable, impair, damage, destroy, ruin Kill Stop, force quit, close, shut down Trigger Activate, initiate, cause, launch Unsure if a phrase you’ve used could be seen as offensive? Ask yourself: is this the most accurate and appropriate choice? Often, you can find a more descriptive word and avoid using these examples. Top tips for inclusive language Use writing tools Tools like Grammarly can help identify problematic words or phrases. You can create customized lists in Grammarly, which will then flag when a word has been used in your writing. Additionally, there are many inclusive language guides available online. Keep it short and sweet Use short sentences and paragraphs. Shorter sentences are easier to read, scan, and understand – especially for those with cognitive disabilities. Aim for sentences around 10–15 words, with variation for a natural flow. Avoid sentences longer than 20 words, as they can be harder to follow. Read aloud Proofread your work aloud to catch awkward phrasing, overly complex sentences, or insensitive terms. Hearing the words can help identify spots where clarity or tone might need improvement. Get a second opinion Ask a colleague to review your final version. A fresh set of eyes can spot language that might be unclear, inappropriate, or overly complicated. Share your thoughts Now that Lab Builder is here and you’ve had a chance to create your own content, how have you made your content more inclusive? We’re always looking to stay up to date, so if you have any further suggestions to add to our list of words to avoid or any other tips, let us know! We’d love to learn from you and grow the collective community knowledge.Making the Most of the Custom Lab Builder: Writing With Accessibility in Mind
What if someone tried to access your content who was visually impaired? Or who had cognitive difficulties? Or who was hard of hearing? Would they be able to understand the information you’ve provided and improve their cyber resilience? Our in-house copyediting team has created a series of articles to help you craft high-quality labs, aligned to the rigorous processes we follow. We embrace what we call the Four Cs to ensure all labs are: Consistent Conscious Conversational Concise These articles delve into each of these principles, showing how to implement them in your labs to create content that resonates with readers, enhances learning, and boosts cyber resilience. This post highlights how being conscious of your formatting can enhance accessibility for assistive technology users and how consistent formatting improves navigation for everyone. Rich text formatting Rich text formatting tools like subheadings, bullet points, lists, and tables in the Custom Lab Builder help organise information for easier scanning, better retention, and improved comprehension. Using these will ensure your content is consistent, accessible, and reader-friendly for everyone! Rich text formatting elements carry specific meaning, which assistive technologies rely on to convey information to specific users. Headings Visually, headings represent hierarchy through different font styling and allow users to quickly scan content. Programmatically, they allow users who can’t see or perceive the visual styling to access the same structural ability to scan. Heading elements should reflect the structure of the content. So your title should go in ‘Heading 1’ formatting, your next subheading will go in ‘Heading 2’ formatting, and so on. To ensure your content reads correctly to screen reader users, don’t use HTML heading styling to represent emphasis, and don’t use bold to make text appear like a heading. Lists (bullets/numbering) Always use bullets or numbered lists using the provided formatting to convey a list. A screen reader will announce that the following information is a list. Links How a link is formed significantly impacts usability. Consider the following sentence: “To find out more about this topic, complete our Intro to Code Injection lab here.” Links are interactive elements, which means you can navigate to them using the tab key. A user who relies on screen magnification to consume content may choose to tab through content to see what's available. The example above would be communicated as just “here”, which provides no context. They’d need to manually scroll back to understand the link’s purpose. Always use descriptive link text that clearly indicates its destination. Avoid ambiguous phrases like “here”. If that’s not possible, ensure the surrounding text provides clear context. “To find out more about this topic, complete our Intro to Code Injection lab.” Bold Only use bold for emphasis! Avoid italics, capital letters, or underlining (reserved for hyperlinks) to prevent confusion. Consistency in formatting reduces cognitive load, making your text more accessible. Bold stands out, provides better contrast, and helps readers quickly identify key information. Avoid italics With 15–20% of the population having dyslexia, italics are worth avoiding because research shows it’s harder for this user group to read italic text. Italics can sometimes bunch up into the next non-italic word, which can be difficult to comprehend or distracting to read. Media If you’re adding media to your labs, such as videos and images, it’s especially important to consider those who use assistive technologies. These users need to have the same chance of understanding the content as everyone else. They shouldn’t miss out on crucial learning. What is alternative text? Alt text describes the appearance and function of an image. It’s the written copy that appears if the image fails to load, but also helps screen reading tools describe images to visually impaired people. Imagine you’re reading aloud over the phone to someone who needs to understand the content. Think about the purpose of the image. Does it inform users about something specific, or is it just decoration? This should help you decide what (if any) information or function the images have, and what to write as your alternative text. Videos Any videos you add to your lab should have a transcript or subtitles for those who can’t hear it. Being consistent Consistency is a major thinking point for accessibility. We recommend adhering to a style guide so all of your labs look and feel consistent. We recommend thinking about the structure of your labs and keeping them consistent for easy navigation. In our labs, users expect an introduction, main content, and a concluding “In This Lab” section outlining the task. This helps users recognize certain elements of the product. It reduces distraction and allows easier navigation on the page. For example, some users prefer diving into practical tasks and referring back to the content if they need it. By using the same structure across your lab collections, your users will know exactly where to find the instructions as soon as they start. TL;DR It’s crucial to focus on accessibility when writing your custom labs. Utilise the built-in rich text formatting options in the Custom Lab Builder (and stay consistent with how you use them!) to ensure your labs are easy to navigate for every single user. By being conscious and consistent with your formatting, every user will engage with your content better, remember the topic, and be able to put it into practice more easily, improving their cybersecurity knowledge and driving their cyber resilience. No matter how they consume content. Keep your eyes peeled for the next blog post in this series, which will look at inclusive language. Share your thoughts! There’s so much information out there on creating accessible content. This blog post just focused on the language, structure, and current formatting options available in the Custom Lab Builder. Have you tried to make your labs or upskilling more accessible, and how did this go down with your users? Do you have any other suggestions for the community on how to write content with accessibility in mind? Share them in the comments below!Mastering Crisis Sim: How We Got 25 Execs on the Edge of Their Seats
Let's start with the requirements. In this case, they were clear: 1) To have a fully customised exercise focusing on payment risks and cyber threats like fraud, ransomware, and cash-outs. This is the domain expertise of Mastercard, who had no issues creating this in the Immersive platform with our review and guidance. 2) To deliver this on-site in front of 25 senior execs (including the CEO, CTO, CISO, CFO, and numerous heads of departments). It’s definitely not easy getting this many board members together in one room, so we had to make the first best impression! What did we do, and why was it a success? The stakeholders told us that they’d run tabletop exercises before, so this wasn’t new to them. So, how did we turn what they expected to be a routine drill into an edge-of-the-seat experience? What made our approach unique? Realistic AI-generated videos The amazing Crisis Sim content creation team at Immersive Labs used generative AI to create highly realistic videos that felt as though they were straight from a Pakistani news channel. Mastercard provided us with a few scripts and ideas that helped bring the AI videos to life. AI video of a news reporter tailored to resemble the Pakistani news channel. AI video of a news reporter tailored to resemble the Pakistani news channel. Why did the execs jump out of their seats? That’s because we included the following in the videos: Footage of their building on the news and customer dissatisfaction over cyberattack repercussions. News reporters with local accents and dress styles mentioning the bank and stakeholders, and unhappy Tweets flooding social media. A video of their CEO, not his real face of course, but we used his name when it came to an inject where the stakeholders voted for ‘releasing a press statement to the public’. They even specifically asked us to ensure none of these videos leaked! But each video included the message “Exercise use only – not based on real events”. AI video of the CEO giving a press conference. Collaboration This success was a team effort. Getting any presentation done right, especially in person, requires planning and knowing your audience. This is where Mastercard brought their expertise to create and tailor the Crisis Sim exercise while we supported with our guidance and previous customer experience knowledge. Our roles, tasks, and responsibilities were clear. Top tip: If you’re planning an exercise, collaborate with others for ideas and support. Double act presentation Presenting as a team made all the difference. Mastercard’s expertise in engaging senior execs helped animate the session and avoid awkward silences, while I focused on facilitating the exercise. Doing this alone can be tricky – I’ve personally struggled with awkward silences during solo Crisis Sim sessions while juggling scenario questions, multiple responses, feedback, and facilitation all at once. Sharing the load was crucial, especially in a U-shaped room where I couldn’t easily move around. In this case, I didn’t need to worry about moving away from my laptop, leaving the close-up engagement completely for Mastercard to lead on. Image example of the U-shaped conference room this took place in. The feedback The feedback was overwhelmingly positive – they said it was their first experience with such a tabletop exercise, a stark contrast to their initial expectations. The AI videos sparked significant interest and curiosity. The collaboration between Mastercard and Immersive Labs successfully delivered an educational, engaging, and tailored exercise. The bank expressed interest in running a wider crisis drill in 2025 with multiple banks. So look forward to hearing about that in the future! Finding AI video scenarios in our Crisis Sim Catalogue If you clicked on any of the AI images above thinking it was a video, I’d like to apologise. They were just screenshots as the actual videos included sensitive, bank-specific details like names and locations that we can’t share externally. If you’d like to explore AI video scenarios in our Crisis Sim platform, check out titles like: Boardroom Betrayal: When Deepfakes Strike the Top Puppetmaster’s Revenge The Walls Have Ears – Part One The Walls Have Ears – Part TwoUnmasking Holiday Hackers
Imagine the following scenario… You receive a text message from a “delivery service”. It asks you to click a link to validate your personal information so they can deliver a parcel. Thinking it’s a precious holiday package from one of your many online orders, you click it. You input your credit card number to validate the order, and you enter your address to ensure it’s delivered to the right place before you have time to realize what’s just happened… 💥 You’ve given all your information to a scammer! 🤯This is textbook smishing, but that doesn’t change the fact that it’s incredibly effective. This exact situation happened to Grant Smith – however, he just so happened to be a certified Ethical Hacker. Smith shared his story and subsequent investigation details with Wired. In the article, we learn that: In total, people entered 438,669 unique credit cards into 1,133 domains used by the scammers. More than 50,000 email addresses were logged, including hundreds of university email addresses and 20 military or government email domains. The victims were spread across the United States, with more than 1.2 million pieces of information being entered in total. California, the state with the most, had 141,000 entries. Nobody wants to be part of this user cohort, but smishing attacks are becoming more common and more sophisticated. Around the holiday season, we interact with more businesses and technologies across multiple digital channels – and urgency only increases the closer we get to Christmas, growing your personal threat surface. You can help reduce your chances of being a victim of cybercrimes by upskilling with these labs: Staying Safe Online: Safer Browsing Staying Safe Online: Identity Theft Ready to take the reins of the sleigh and get into an investigation like Smith’s yourself? For a holiday-spirited investigation around a phishing attack – start with A Christmas Catastrophe: A Christmas Phish. From there, you can build a gingerbread house solid foundation for your security skills. Consider exploring the Introduction to Penetration Testing and Hack Your First Computer collections. If you’re ready to dig deep and build knowledge and skills to use open-source tooling at the next level, you can follow Grant’s steps with Immersive Labs collections! Scan with Nmap Nmap is one of the most popular network scanner tools available. In this introductory collection, you‘ll learn what Nmap is and how to use it to enumerate for hosts, ports, and services on a target. Intercept web traffic with Burp Suite Burp Suite is a popular tool used for pen testing and assessing web application security. This skill collection will take you from the basics of configuring and using Burp Suite to expertly traversing and applying its range of tools and features. Scan with NsLookup in Introduction to Networking This collection focuses on core networking concepts and the basics of networking connectivity, network topologies, and general networking concepts including IP addresses and domain name systems (DNS). Name Server Lookup allows users to query the DNS to retrieve information like IP addresses associated with domain names. Analyze web socket communications with Packet Analysis Reading packets and understanding the structure of packet captures are essential skills in cybersecurity. This collection introduces the main packet analysis tools and how to look for flags inside packet headers. Conduct Web Log Analysis This collection introduces you to the log files produced by web application servers and how they can be interpreted. You’ll be shown how to use common command line tools to analyze the log artifacts, what you can infer from the information captured in logs, and how this information can be helpful when responding to a suspected incident. Use SQL Injection Basics and SQL Injection to access databases Learn core SQL injection techniques and build on those skills to extract information from databases. When a vulnerability exists, this data can be accessed in various ways. Conduct advanced database investigations with Introduction to Linux Exploitation and Linux Command Line Gain foundational knowledge on Linux-based software exploitation, commonly used tools, and how the Linux Command Line Interface (CLI) can be used to perform different tasks. The labs in this skill collection range from navigating around a file structure to combining multiple commands to achieve a specific goal. Report valid cyber crimes to authorities! One such avenue is the Internet Crime Complaint Center. Or, if you’re working on an internal investigation for your employer, you should ensure strict adherence to your processes and playbooks for threat escalation and remediation processes. While you may not need to complete end-to-end tasks like the above frequently, it’s an asset to understand an offensive security mindset and key open-source tooling to conduct an investigation. Put your Nice List skills to use by continuing your offensive security journey and consider a Certified Ethical Hacker certification. You might even just earn an invite to the North Pole! Or, keep upskilling in Immersive Labs to earn more security badges and advance your career as an offensive security practitioner. You can be the light that guides the sleigh through the dark world of cyber criminals! Share your thoughts Did you find this case study interesting? Did you find some cross-functional training to bookmark for your personal growth? Please share your thoughts in the comments below! Give those hackers some coal to put somewhere special – their stocking, of course! Make sure you're following the Human Connection Blog to get updates to your inbox!Team Sim: Best Approaches for Your Team
A common issue in Team Sim exercises is when one player works in isolation, leaving others behind and missing the chance to build key team skills. To get the most out of a Team Sim exercise, the focus should be on teamwork – it’s in the name! Whether your team is meeting for the first time or has worked together every day for many years, here are some common characteristics and actions I’ve consistently seen in the best-performing teams: 1. Team leader Regardless of the person’s day-to-day role, a nominated team leader is the essential glue for any team. Some responsibilities I’ve seen effective team leaders adopt include chairing discussions, driving the group to a consensus and a clear decision, being the team’s representative for exercise manager communications, ensuring the team stays organized, and encouraging a positive experience for every member. 2. Pre-exercise team meeting A good plan will start the team on solid footing. High-performing teams bring everyone together before starting the exercise to agree on the approaches and rules of engagement. If you’re meeting the team for the first time, taking the time for introductions is critical to a comfortable environment. 3. Clear communication channels Establishing clear communications for sharing technical information and virtual conferencing details (if required). We recommend setting up a temporary private messaging group in your organization’s approved communications platform. Every team member should know how and where to ask questions or ask for support. 4. Blocked out exercise time Depending on how you approach the exercise (more on this later), teams that reserve time in their calendars in advance tend to have greater attendance and engagement. The effectiveness of team exercises depends on factors like team size, communication medium (in-person, virtual, or hybrid), time zones, skill levels, and goals. For example, do you want to put a well-known team to the test or have junior members learn from experienced analysts? In the spirit of collaboration, we have some tried and tested team approaches that we know work well in bringing people together. Each approach has its advantages and disadvantages, so bear this in mind when thinking about what works best for you and your team. One Team This involves the entire team working through the exercise together, either in person or virtually, maintaining constant communication and progressing at the same pace. This is the most common approach and is great for information sharing and peer learning. However, in larger teams, there’s a higher risk of some members falling behind, reducing their engagement. Chairperson Somewhat contrary to our earlier sentiments, this approach requires players to conduct portions of the exercise tasks alone, before coming together as a team during regular checkpoint meetings to discuss and validate each other's answers and findings. The team must agree on an answer before a chairperson submits the answer to a question in Team Sim. This is a slower approach, but it provides every player a chance to experience the whole exercise while encouraging knowledge sharing and exposure to different approaches and styles. Relay This is best for geographically split teams and perfect for exercising handover communication! Teams work on segments (e.g., specific time blocks or question sets) and pass their findings to the next team. Handoffs should mirror real incidents, addressing findings, uncertainties, and further investigations. A post-exercise debrief is a great opportunity to review and improve handover processes and communication skills. Team Strengths No two people are the same, and you may have specialists or people with particular strengths you can lean on. As you progress through the exercise and require different skills and knowledge, engaging those specialists can be an effective way to tackle a problem as a true team. Identify those strengths early on so you know what's in your team’s arsenal! Want a challenge? Do the opposite and encourage the team to use the skills they find challenging! If you want to save a copy of these approach ideas, check out our Team Sim Player Guide, which you can download and share. Share your thoughts This isn’t an exhaustive list of approaches; be creative with your team to find what works best for you. If you’ve participated in a Team Sim exercise before, let us know your tips for creating a top-class team dynamic!Defend as One: Breaking Down Technical Barriers Across an Organisation Through Technical Team Exercising
This article details how a public healthcare account used Immersive Labs’ Cyber Team Simulation for a cross-departmental May Day programme, benchmarking national cyber capabilities. As their Cyber Workforce Advisor, I’ll outline the steps taken, from planning to execution, to achieve this strategic programme.The Human Connection Challenge Lab 1: Basic OS Skills – Walkthrough Guide (Community Version)
This is a walkthrough guide written by one of our community members, who offered to give their perspective on the challenge. Interestingly, they approached this challenge by completing some of the tasks in the graphical user interface (GUI) instead of the command line.
