CTF Writeup: DanaBot Lab
Analyze network traffic using Wireshark to identify DanaBot initial access, deobfuscate malicious JavaScript, and extract IOCs like IPs, file hashes, and execution processes.

Introduction

Back to CyberDefenders yet again! A lot of my recent posts have been focused more on Threat Intel. Threat Intel is good to keep in the back of your mind as something you may need to do. Attribution is important if you're a Threat Hunter/Researcher, but if you're a SOC Analyst then it's not very likely that you'll be collating every indicator from an alert. It's much more likely that you'll pick up an alert and investigate it, close it, and move on to the next five alerts that have come into your SIEM in the time it took. ...