Difficulty
intermediate
Average duration
2 hrs
Technologies
windows
engineering-reverse
cybersecurity
base64
forensics
incident response
A02:2021 - Cryptographic Failures
A05:2021 - Security Misconfiguration
A prestigious AI company suffered a remote intrusion outside of business hours. Manipulation on the backup server and the execution of an unauthorized binary were detected, along with a password-protected compressed file. You have been summoned as a forensic analyst to reconstruct the events. You will receive a controlled copy of the evidence extracted from the compromised server.
In this lab, you will learn:
🌱 How to start this lab
👉 This challenge is solved within a pre-configured virtual machine for forensic analysis. You do not need to access the compromised system or use external tools; you will analyze already collected files.
Download the virtual machine from:
https:/cybersecurity-machines/final-boss-forensic-analysis.ova
analyst:4geeks-lab
Your Mission
According to the preliminary report, on June 12, a remote session initiated by a system user was recorded outside of business hours, marking the beginning of the attack. The cybersecurity team has provided you with key evidence from the compromised server (Windows Server) for your analysis on this secure Linux lab machine. Everything you need is there. Examine the files to reveal what happened and reconstruct the events.
Forensic investigators are awaiting your conclusions. If you manage to decipher the protected evidence and reconstruct the events, you will find what many seek and few find.
💡 Tips
Are you ready to face the final challenge?
Good luck, Forensic Analyst!