KC7 Inside Encryptodera

KC7 Inside Encryptodera - Section 3: F in the chat

This post is a write-up, with clues, on how to solve the KC7 investigation case Inside Encryptodera - Section 3: F in the chat. You can use it as a guide when you hit an obstacle, as it is structured as a fill-in-the-blanks solution. Section 3: Question 1: What username was used to log into the DOMAIN_CONTROLLER_SERVER? AuthenticationEvents | where hostname == "DOMAIN_CONTROLLER_SERVER" | project username Question 2: What laptop did the lihenry_domain_admin account sign into?...

September 6, 2024 · Last Modified: September 6, 2024 · 3 min · 553 words · Bader Alrowaiei

KC7 Inside Encryptodera Section 2: Crypto Conquest

This post is a write-up, with clues, on how to solve the KC7 investigation case Inside Encryptodera Section 2: Crypto Conquest. You can use it as a guide when you hit an obstacle, as it is structured as a fill-in-the-blanks solution. Section 2: Question 1: What is the filename of this note? Do you see it? It is the .txt file name. FileCreationEvents | where path contains "GIMME" | distinct filename | project filename Question 2: What kind of attack is this?...

August 25, 2024 · Last Modified: September 1, 2024 · 6 min · 1165 words · Bader Alrowaiei

KC7 Inside Encryptodera - Section 1: Offensive Odor

This post is a write-up, with clues, on how to solve the KC7 investigation case Inside Encryptodera - Section 1: Offensive Odor 👽. You can use it as a guide when you hit an obstacle, as it is structured as a fill-in-the-blanks solution. Section 1: Question 1: What is Barry's role at the company? Employees | where name contains "Barry" | project name, role Question 2: What is Barry's email address?...

July 29, 2024 · Last Modified: August 17, 2024 · 4 min · 655 words · Bader Alrowaiei