Servers utilizing Adobe ColdFusion were exploited in the wild. LetsDefend rated this challenge as Medium in difficulty. This Blue Team challenge can be accessed at https://app.letsdefend.io/challenge/adobe-coldfusion-rce. I answered the questions using the tools Hayabusa, Timeline Explorer, CyberChef and PowerShell. Scenario: A web server was isolated for suspicious use of the nltest.exe command. Investigate the Windows …
Tag Archives: letsdefend.io
LetsDefend: Ransomware Attack
Scenario: An end-user device was infected by ransomware. A memory dump was captured from the compromised machine, and it is our task as digital forensics investigators to find the evidence of the attack. The memory capture file that was provided to us is in .mans format which is a Mandiant Analysis File. This should give …
LetsDefend: Memory Dumper
Another good challenge from LetsDefend.io and kudos to this challenge creator, 0xCyberJunkie.sh. You can access the challenge through this link. I intentionally masked part of the answers so you will have to do the necessary steps to see the entirety of the the answers. Scenario: A Windows endpoint was recently compromised. Thanks to the cutting-edge …
LetsDefend: PDF Analysis
WARNING: Do not open/run the pdf file on your local machine because it is malicious. Use the sandbox to analyze the file. Scenario: An employee has received a suspicious email. The employee reported this incident and mentioned that they did not download or open the attachment as they found the email very suspicious. They wish …
N00b_H@ck3r 
You must be logged in to post a comment.