Network Investigation - CTF
You are a cybersecurity analyst working for a company that hosts customer web applications using KVM-based virtual machines. Over the weekend, one of the production VMs unexpectedly went offline. The web application team suspects this outage was caused by malicious activity. As part of the incident response process, they’ve provided you with a set of extracted evidence from the affected environment — including network captures, system logs, and possible malware samples.
By CyberTask Engineer · Easy level
Tasks: 15 · Sections: 1 · Points: 501 · Duration: 1 hr
What You'll Learn
- Investigate a network intrusion using packet captures and system artifacts
- Trace attacker access, malware deployment, and persistence mechanisms
- Analyze hidden processes, anti-logging techniques, and C2 communications
Prerequisites
- Basic networking knowledge
- Understanding of Linux systems
Tools & Technologies
- Wireshark
- Linux CLI
- Strings
- MD5 Hash Tools