Posts

Showing posts from May, 2022

TryHackMe | Pyramid Of Pain WriteUp

Learn what the Pyramid of Pain is and how to utilize this model to determine the level of difficulty it will cause for an adversary to change the indicators associated with them and their campaign.

Link - https://tryhackme.com/room/pyramidofpainax

Provide the ransomware name for the hash ‘63625702e63e333f235b5025078cea1545f29b1ad42b1e46031911321779b6be’ using open-source lookup tools
Answer: Conti

What is the ASN for the third IP address observed?
Answer: Host Europe GmbH

What is the domain name associated with the first IP address observed?
Answer: craftingalegacy.com

Go to this report on app.any.run and provide the first malicious URL request you are seeing, you will be using this report to answer the remaining questions of this task.
Answer: craftingalegacy.com

What term refers to an address used to access websites?
Answer: Domain Name

What type of attack uses Unicode characters in the domain name to imitate a known domain?
Answer: Punycode attack

Provide the redirected website for the shortened URL using a preview: https(

TryHackMe | Red Team Engagements WriteUp

Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation.

Link - https://tryhackme.com/room/redteamengagements

What CIDR range is permitted to be attacked?
Answer: 10.0.4.0/22

Is the use of white cards permitted? (Y/N)
Answer: Y

Are you permitted to access “*.bethechange.xyz?” (Y/N)
Answer: N

How many explicit restrictions are specified?
Answer: 3

What is the first access type mentioned in the document?
Answer: phishing

Is the red team permitted to attack 192.168.1.0/24? (Y/N)
Answer: N

How long will the engagement last?
Answer: 1 Month

How long is the red cell expected to maintain persistence?
Answer: 3 Weeks

What is the primary tool used within the engagement?
Answer: Cobalt Strike

When will the engagement end?
Answer: 11/14/2021

What is the budget the red team has for AWS cloud cost?
Answer: $1000

Are there any miscellaneous requirements for the engagement? (Y/N)
Answer: N

What phishing method will be employed during the initial access phase?
Answer: Spearphishing

What site will be utilized for communication between the client and red

Eonrec