Try Hack Me: b3dr0ck

This room was released on 8/26/2022 and is rated medium in difficulty. Shout-out to the room creator, @F11snipe. You can access the room at https://tryhackme.com/room/b3dr0ck. Scenario: Barney is setting up the ABC web server and using TLS certs to secure connections, but he’s having trouble. Here’s what we know: He established Nginx on port 80, …

Try Hack Me: Hacker vs. Hacker

This room was released on 8/12/2022 and is rated easy in difficulty. Shout-out to the room creator, @Aquinas. You can access the room at https://tryhackme.com/room/hackervshacker# Scenario: The server of a recruitment company appears to have been hacked, and the hacker has defeated all attempts by the admins to fix the machine. They can’t shut it …

LetsDefend: Memory Dumper

Another good challenge from LetsDefend.io and kudos to this challenge creator, 0xCyberJunkie.sh. You can access the challenge through this link. I intentionally masked part of the answers so you will have to do the necessary steps to see the entirety of the the answers. Scenario: A Windows endpoint was recently compromised. Thanks to the cutting-edge …

LetsDefend: PDF Analysis

WARNING: Do not open/run the pdf file on your local machine because it is malicious. Use the sandbox to analyze the file. Scenario: An employee has received a suspicious email. The employee reported this incident and mentioned that they did not download or open the attachment as they found the email very suspicious. They wish …

CyberDefenders: GrabThePhisher

This Blue Team challenge was released on 7/23/2022 from CyberDefenders. You can access the room at https://cyberdefenders.org/blueteam-ctf-challenges/95. This is one of the easiest challenges I’ve ever encountered from CyberDefenders.org. This is a perfect challenge for beginners who just want to get their feet wet in doing hacking/IR challenges. The skills/tools to be tested and needed …

CyberDefenders: Mr. Robot

Note: I started with using volatility on my Windows machine, and eventually, I transitioned to working on my Linux machine. Pardon me for screenshots from different OSes. The first task in this challenge is to convert the VMWare Suspended State (.vmss) files to a memory dump so we can perform memory analysis. There is a …

CyberDefenders: DetectLog4j-CTF

This challenge was released on 01/16/2022 from CyberDefenders. You can access the room at https://cyberdefenders.org/labs/86. This is another blueteam challenge. The skills/tools to be tested and needed to complete this challenge are Autopsy or FTK Imager, dnSpy, VirusTotal, and PowerShell. I hope you will find my write-up helpful. What is the computer hostname?vcw65 What is …

Try Hack Me: Conti

This room was released on 1/7/2021 and it is rated Medium in difficulty. Shou-out to the room creator, @heavenraiza who also recognized Bohan Zhang for the challenge. You can access the room at https://tryhackme.com/room/contiransomwarehgh. This is a blueteam challenge. The skills/tools to be tested and needed to complete this challenge are Splunk and Googling. I …

Try Hack Me: Carnage

This room was released on 11/25/2021 and it is rated medium in difficulty. Shout-out to the room creators, RussianPanda [She/Her] and Heavenraiza. You can access the room at https://tryhackme.com/room/c2carnage. This is another blueteam side of the cybersecurity field. The skills/tools to be tested and needed to complete this challenge are WireShark, VirusTotal, and Malware and …

Try Hack Me: Squid Game

This room was released on 11/11/2021 and it is rated hard in difficulty. Shout-out to the room creators, @RussianPanda [She/Her] and @heavenraiza. You can access the room at https://tryhackme.com/room/squidgameroom. This is room is more on the blue side of the cybersecurity field. The skills/tools to be tested and needed to eliminate the five attackers in …