Solving the Openfire Lab Blue team challenge

A blue-team walkthrough of the CyberDefenders Openfire challenge using Wireshark and Zui: recovering the CSRF token and credentials, tracing the malicious plugin upload and reverse shell, and identifying the exploited CVE.

August 24, 2025 · 4 min
Solving the XLMRat Blue team challenge

A blue-team walkthrough of the CyberDefenders XLMRat challenge: tracing the first-stage download URL and hosting provider from the PCAP, hashing the loader and executable payloads, and identifying the malware family and the LOLBin used for stealthy execution.

June 28, 2025 · 6 min
Solving the BlueSky Ransomware Blue team challenge

A blue-team walkthrough of the CyberDefenders BlueSky ransomware challenge: analyzing the PCAP to find the port-scan source IP, the targeted account, C2 process injection, the downloaded payload, and the registry keys used to disable Windows Defender.

May 18, 2025 · 11 min
DanaBot blue team challenge

Solving the DanaBot Blue team challenge

A blue-team walkthrough of the CyberDefenders DanaBot challenge: using PCAP and threat intel to trace the initial-access IP, identify the malicious files and their SHA-256/MD5 hashes, and the process used to execute the banking trojan.

May 4, 2025 · 5 min
WebStrike Blue Team Challenge

Solving the WebStrike Blue Team Challenge

A blue-team walkthrough of the CyberDefenders WebStrike challenge: analyzing the PCAP to find the attack’s geographic origin and user agent, the uploaded web shell and its port, the upload directory, and the file targeted for exfiltration.

December 17, 2023 · 4 min