47:54
X_x It Came From Reddit x_X - Bad Batch Files
29:03
DFIR Challenge - Email Analysis
01:16:26
CyberDefenders - TeamSpy - Part Three
01:23:49
CyberDefenders - TeamSpy - Part Two
42:29
CyberDefenders - TeamSpy - Part One
44:37
[REDO] SOC101 EventID: 8 (Phishing Mail Detected) [Aug. 29, 2020, 11:05 p.m.] [REDO]
33:09
CyberDefenders - Malware Traffic Analysis 1
01:16:06
CyberDefenders - DeepDive
01:03:13
CyberDefenders - EscapeRoom
04:08
Driving in Mid-Michigan on December 23rd around 1700...
22:20
CyberDefenders - l337 S4uc3 - Part 2
01:22:48
CyberDefenders - l337 S4uc3 - Part 1
24:37
DFIR Challenge - Phishing Email
49:36
End User Submission - Game or Malware via Discord
36:52
CyberDefenders - GrabThePhisher
01:10:51
CyberDefenders - Eli
40:23
QBOT Malware Investigation
38:42
SA - SOC175-125 - PowerShell Found in Requested URL - Possible CVE-2022-41082 Exploitation
38:53
DFIR - Windows Forensics - Part 2
01:25:20
DFIR - Windows Forensics - Part 1
32:23
End User Submission - Game Demo or Cred Stealer???
41:55
Malware Analysis - Suspicious Browser Extension
55:44
ISO Malware Investigation
40:33
IR - SOC174-124 - DogWalk 0-Day Activity
59:16
DFIR - Memory Analysis
42:38
DFIR - Investigate Web Attack
24:17
Malware Analysis - PDF Analysis
36:38
SA - SOC115-47 - Wscript.exe Usage as Dropper
10:25
SA - SOC169-119 - Possible IDOR Attack Detected
02:07
Batavia, IL thunderstorm moving in on 07-05-2022 @ 2100
13:40
SA - SOC168-118 - Whoami Command Detected in Request Body
13:08
SA - SOC167-117 - LS Command Detected in Requested URL
20:24
SA - SOC166-116 - Javascript Code Detected in Requested URL
01:11:32
DFIR Challenge - Conti Ransomware
25:32
SA - SOC173-123 - Follina 0-Day Detected
02:45:22
CyberDefenders - MrRobot
01:50:18
CyberDefenders - Elastic-Case
01:27:40
CyberDefenders - BankingTroubles
01:30:28
CyberDefenders - DumpMe
18:26
CyberDefenders - GetPDF Follow Up
01:06:44
CyberDefenders - GetPDF
31:03
SA - SOC114-45 - Malicious Attachment Detected - Phishing Alert
33:21
IR - SOC171-121 - Spring4Shell Activity
20:48
SA - SOC165-115 - Possible SQL Injection Payload Detected
30:37
SA - SOC164-114 - Suspicious Mshta Behavior
36:25
SA - SOC163-113 - Suspicious Certutil.exe Usage
22:17
SA - SOC170-120 - Passwd Found in Requested URL - Possible LFI Attack
01:23:49
IR - SOC162-112 - Pwnkit (CVE-2021-4034) Detected - Auditd (pkexec)
01:00:23
IR - SOC159-109 - Karma Ransomware Attack
29:54
IR - SOC159-109 - Karma Ransomware Attack
01:06:58
IR - SOC158-108 - Hijacked NPM Package
49:36
IR - SOC156-105 - Unnormal Code/Command Execution
42:53
IR - SOC152-100 - Encrypted Files Detected
47:41
End User Submission - Reddit0
57:00
IR - SOC145-103 - Ransomware Detected
45:39
InfoSec Tools - Email Analysis
01:42:48
IR - SOC153-101 - Suspicious Powershell Script Executed
46:56
IR - SOC128-106 - Malicious File Upload Attempt
56:46
IR - SOC151-99 - Unauthorized Root Access
01:31:46
IR - SOC154-102 - Service Configuration File Changed by Non Admin User
X
About
InfoSec Professional that enjoys exercises from the Lets Defend and Cyber Defenders platforms, when not busy with work and family, of course!
Tags