Scenario
The #NSM gear flagged suspicious traffic coming from one of the organization’s web servers. Analyze the server’s captured memory image and figure out what happened.
The #NSM gear flagged suspicious traffic coming from one of the organization’s web servers. Analyze the server’s captured memory image and figure out what happened.
For the last week, log4shell vulnerability has been gaining much attention not for its ability to execute arbitrary commands on the vulnerable system but for the wide range of products that depend on the log4j library. Many of them are not known till now. We created a challenge to test your ability to detect, analyze, mitigate and patch products vulnerable to log4shell.
One of the SOC analysts took a memory dump from a machine infected with a meterpreter malware. As a Digital Forensicators, your job is to analyze the dump, extract the available indicators of compromise (IOCs) and answer the provided questions.
En esta entrada nuevamente vamos a resolver un reto de Cyberdefenders. Vamos concretamente DeepDive en la cual vamos a tener que realizar mediante Volatility un análisis forense.
Dado que mis conocimientos de Volatility y análisis forense es bajo me a parecido un reto muy difícil la cual me a ayudado a saber mas sobre el funcionamiento de la memoria.
Scenario
You have given a memory image for a compromised machine. Analyze the image and figure out attack details.
Tools
Resources
Leer más