infosecn1nja

23rd place

1425 points

Awards

Hint 66

hints

Hint for SSL JARM analysis of the C2 Infrastructure

-10

Hint 57

hints

Hint for Chaos C2 - Fingerprint 2

-10

Hint 67

hints

Hint for OST Tools - Reversec Labs C3

-20

Hint 62

hints

Hint for Hookbot Panels - Fingerprint 2

-5

Hint 63

hints

Hint for Sneaky 2FA Credential Harvester

-10

Solves

Challenge	Category	Value	Time
Lactrodectus 3	Commodity Malware	25
Iranian APT Tracking 4	Nation State - Iran	50
Brute Ratel 3	OST Tools	100
OST - SSL Certificate Tracking	OST Tools	50
OST Tools - Reversec Labs C3	OST Tools	60
Iranian APT Tracking 2	Nation State - Iran	25
Hookbot Panels - Fingerprint 2	Commodity Malware	50
The Evolution of Chinese Malware	Chinese Malware	25
Chinese Malware - APT Espionage Targeting	Chinese Malware	25
Chinese Malware - Identifying ShadowPad Infrastructure	Chinese Malware	10
Lactrodectus 2	Commodity Malware	25
OST Tools - Attributing the C2 server properties	OST Tools	75
The Economics of Phishing-as-a-Service	Starting Point	25
Hookbot Panels - Fingerprint 1	Commodity Malware	50
Understanding the Threat Landscape	Starting Point	25
Pivoting 101 - 3	Pivoting 101	20
Pivoting 101 - 2	Pivoting 101	20
Pivoting 101 - 1	Pivoting 101	15
Iranian APT Tracking	Nation State - Iran	25
Who are they impersonating?	Chinese Malware	25
A Familiar Face in the Dark	Starting Point	25
Identifying RAT Activity in UK CNI Networks	Starting Point	25
Expanding the Hunt	Starting Point	100
Hunting Phishing Infrastructure	Starting Point	100
Brute Ratel 1	OST Tools	25
Havoc - Geolocating the C2 Infrastructure	OST Tools	50
Havoc - Identifying Common Traits of These C2 Servers	OST Tools	100
Chaos C2 - Fingerprint 3	OST Tools	100
Chaos C2 - Defaults	OST Tools	55
OST - Fingerprinting the C2 in Shodan	OST Tools	25
Havoc Framework C2 Profiling	OST Tools	100
OST - Attribution of the C2 Server	OST Tools	25
OST - Identifying the Command-and-Control (C2) Server	OST Tools	25