## challenges
All Challenges
5 challenges · 1000 total pts
easy · LOG FORENSICS
Silent Channel
Your SOC team has detected unusual DNS traffic originating from a single internal workstation. A raw DNS query log has b…
100 pts
medium · LOG FORENSICS
Phantom Heartbeat
A corporate HTTP proxy captured outbound traffic from the internal network. Analysts spotted a host sending unusually re…
200 pts
hard · PACKET ANALYSIS
Ghost Protocol
A network tap captured DNS traffic from a compromised workstation. The IDS flagged abnormally high response TTL values w…
300 pts
easy · EMAIL FORENSICS
Mail Trap
An employee in the finance department received an email claiming to be from the company CFO requesting an urgent wire tr…
150 pts
medium · THREAT INTEL
Brand Impersonator
A threat intel feed captured 72 hours of suspicious domain registrations. Multiple brands are being impersonated. Identi…
250 pts