BTLO Network Analysis Webshell Walkthrough (Video Only)
These writeups are a series documenting how I solved each scenario on BTLO (Blue Team Labs Online). I hope you will enjoy it :)
Note: the free BTLO challenge will be video only :)
Network Analysis Webshell Video Walkthrough
Scenario
**The SOC received an alert in their SIEM for ‘Local to Local Port Scanning’ where an internal private IP began scanning another internal system. Can you investigate and determine if this activity is malicious or not? You have been provided a PCAP, investigate using any tools you wish.**
Tools
- Wireshark
- TCPDump
- TShark
Difficulty
- Easy
Reading Material
N/A