The Digital Heist
Analyze a network breach where attackers exfiltrate sensitive data through malicious traffic. Use Wireshark to filter packets, uncover suspicious activity, and recover the stolen flag hidden in the capture.
Scenario
Bryan Cultera, a junior security analyst at TechCorp, discovers that the company's network has been compromised after an employee clicked on a malicious email attachment during their lunch break. The attacker has been quietly stealing login credentials and exfiltrating sensitive company documents, including a confidential security report containing investigation findings. As the incident response team's newest member, you must analyze the captured network traffic to understan...
- Analyse the file using Wireshark on your Kali machine:
  - wireshark suspicious_traffic.pcap
  - Statistics > Protocol Hierarchy
  - Statistics > Conversations
  - Statistics > Endpoints
- Apply filters to the search function:
  - HTTP Traffic: http
  - DNS Traffic: dns
  - POST Requests: http.request.method == POST
  - Large Packets: tcp.len > 1000
- Search for specific suspicious activity:
  - Credential Theft: Look for POST requests with login data
  - Malicious Domains: Check DNS queries for suspicious domains
  - Data Exfiltration: Identify large data transfers
- Find the Flag within one of the exfiltrated packets
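The three Wireshark filters above (http.request.method == POST, dns, tcp.len > 1000) can be reproduced over a raw pcap with nothing but the Python standard library. This is an added example, not part of the challenge or its capture file: the capture it triages is constructed inline (10.0.0.5 talking to 203.0.113.9, the hostnames portal.example and bad.example), and the packet builder assumes minimal Ethernet/IPv4/TCP/UDP headers with zeroed checksums.

```python
import struct

def build_pcap(packets):
    # Classic pcap: 24-byte global header (LINKTYPE_ETHERNET) + a 16-byte header per record.
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(p), len(p)) + p for p in packets)

def frame(proto, sport, dport, payload):
    # Ethernet + IPv4 + TCP(6)/UDP(17) with minimal headers; addresses and ports are constructed.
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 0xFFFF, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 1, 0, 64,
                     proto, 0, bytes([10, 0, 0, 5]), bytes([203, 0, 113, 9]))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4 + payload

def qname(data):
    # Decode DNS labels up to the root byte (a plain query carries no compression pointers).
    labels, i = [], 0
    while data[i]:
        labels.append(data[i + 1:i + 1 + data[i]].decode()); i += 1 + data[i]
    return ".".join(labels)

def triage(pcap):
    # Return (kind, dst_ip, dst_port, detail) for every packet that matches one of the filters.
    findings, off = [], 24
    while off < len(pcap):
        incl = struct.unpack_from("<IIII", pcap, off)[2]
        pkt = pcap[off + 16:off + 16 + incl]; off += 16 + incl
        ihl, proto = (pkt[14] & 0x0F) * 4, pkt[23]
        dst, l4 = ".".join(map(str, pkt[30:34])), pkt[14 + ihl:]
        dport = struct.unpack_from("!H", l4, 2)[0]
        if proto == 6:                      # TCP: tcp.len > 1000 and http.request.method == POST
            data = l4[(l4[12] >> 4) * 4:]
            if len(data) > 1000:
                findings.append(("large_tcp", dst, dport, len(data)))
            if data.startswith(b"POST "):
                body = data.split(b"\r\n\r\n", 1)[-1]
                findings.append(("http_post", dst, dport, body.decode(errors="replace")))
        elif proto == 17 and dport == 53:   # UDP/53: the dns filter, reduced to the query name
            findings.append(("dns_query", dst, dport, qname(l4[8 + 12:])))
    return findings

# Constructed capture: a credential POST, a DNS lookup, and a 1200-byte upload to port 4444.
SAMPLE_PCAP = build_pcap([
    frame(6, 49152, 80, b"POST /login HTTP/1.1\r\nHost: portal.example\r\n\r\nuser=jdoe&pass=Winter2024"),
    frame(17, 53000, 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03bad\x07example\x00\x00\x01\x00\x01"),
    frame(6, 49153, 4444, b"A" * 1200),
])

if __name__ == "__main__":
    for kind, dst, port, detail in triage(SAMPLE_PCAP):
        print(f"{kind:10} -> {dst}:{port}  {detail}")
```

Pointing triage() at bytes read from a real capture works the same way as long as the link type is Ethernet; the three findings above correspond to the credential-theft, malicious-domain and exfiltration checks in the hint list.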