What is the AD1 file? AD1 filename suffix is mostly used for Forensic Toolkit FTK Imager Image files. Forensic Toolkit FTK Imager Image format was developed by AccessData Group, LLC..AD1 files are supported by software applications available for devices running Windows. HINT: the AD1 file format does not directly support…

WEBSITE : cyberdefenders.org/ CHALLENGE : MalDoc 101 CATAGORY : MALWARE ANALYSIS ,VBA MACRO TOOLS : oletools , oledump.py , olevba , strings , deobfuscate-repetitions.py , base64dump.py , tr , grep , re-search.py #1) Multiple streams contain macros in this document. Provide the number of highest one. Here we need to find the macro-contained streams. So we use oledump.py to find the macro-contained streams.

SIEM stands for security information and event management and provides organizations with next-generation detection, analytics and response. SIEM software combines security information management (SIM) and security event management (SEM) to provide real-time analysis of security alerts generated by applications and network hardware. SIEM software matches events against rules and analytics…

Q1) What is the full name of the operating system version?

Q1 )What is the Opcode for Packet 6?

SITE : https://cyberdefenders.org/ 1)What is the FTP password? ANS HINT: Use the ftp filter and find the password

CTF Site: cyberdefenders.org/ Challenge Name: Malware Traffic Analysis 2 Author: Brad Duncan QST 1 ) What is the IP address of the Windows VM that gets infected? Path : Open the pcap in Network Miner and look at the windows machine

This is a new experience for me. I only focus on the forensic challenges.

After completing of our first forensic challenge we go to the part two .In this second part our challenge is to find the plaintext format of the username and password.