codeby.games tomonidan tashkil etilgan CTF ajoyib o'tdi 🔥
CTF dagi savollarni tashlashga harakat qilaman. Bu savollar kimgadir qiziq bo'lishi mumkin )

IOC (Indicator of compromise) - bu har bir faylda bor bo’lgan uning raqamli izlaridir , asosan hujumga uchragan tizimlarda
hujum qiluvchini topish uchun raqamli ekspertiza o’tkazilganda IOC yani raqamli izlar olinadi va analiz qilinadi.

Bu qanday imkoniyatlarni beradi ?

—— Haqiqiy fayl bilan soxta modifikatsiyalangan (mod) faylni farqlash
—— Virus zarar yetkazgan fayllarni aniqlash
—— Butun tizimda aynan qaysi bo’limlar zararlanganligini aniqlash imkoni
—— O’zgargan fayl tiplari (ext) ni aniqlash

IOC doimiy yozib boriladigan elektron daftarlar yani NOTEs bo’lishi kerak va barcha ma’lumotlar oxirida kriminalistik analiz reportiga kiritiladi.

IOC manager va malumot yig'ish, analiz qilishga misol sifatida Freeye ning Redline dasturini misol qilsak bo'ladi.
https://www.fireeye.com/services/freeware/redline.html

#IOC #SOC #BlueTeam

Avvalroq codeby.games tomonidan tashkil etilgan CTF haqida aytib o'tgandim. Men CTF dan so'ng codeby.games patformasidagi tasklarga CTF dagi savollar qo'shilishini kutgandim ammo hali beri bu tasklar platformada chiqmas ekan.
Shuning uchun OSINT savollarining barchasi va Writeup larni sizlarga bermoqchiman.
Afsuski qolgan 4 ta yo'nalishdagi tasklarni kanalga tashlolmayman hozrcha !!!

#OSINT

https://medium.com/@funt1kkk/solving-osint-tasks-from-cybercolosseum-ctf-a0e9469ccf0d

🚩 https://codeby.games

Medium
Solving OSINT tasks from CyberColosseum CTF
Introduction&Task Overview…

Kiber xavfsizlik Markazi va Mudofaa Vazirligi tomonidan o'tkazilgan CTF da 13-o'rinni egalladik bu bizning 4-bor CTF o'yinlarida qatnashishimiz. CTF ajoyib bo'ldi hammani tabriklayman 🔥 Bizning reverse engineering bo'yicha TEAM azosiga MVP ni berishga qaror qildik😎

#CTFTIME

https://lelinhtinh.github.io/de4js/
https://matthewfl.com/unPacker.html

JavaScript Deobfuscator and Unpacker

codeby.games room: https://codeby.games/en/categories/web/d46f4a49-49c3-4154-b806-c1b4e08d7ab5

#Preparation #For #CTF

codeby.games room: https://codeby.games/categories/web/4039cd20-79ed-4166-a975-968959212b69

First payload for this room: https://127.0.0.1/admin/panel.php?username=admin&password=admin
Final payload: https://127.0.0.1/admin/panel.php?username=admin&password=*****

Vulnerable type: SSRF

#Preparation #For #CTF

godeby.games room: https://codeby.games/categories/web/ca07034b-bde4-4c87-bc9d-bccea9cc9dd1

Vunerable type: Manipulation GET and POST requests

#Preparation #For #CTF

https://www.boxentriq.com/code-breaking/cipher-identifier

Automatically determine the type of encoding

Gourlex

It is a simple tool that can be used to extract URLs and paths from web pages. It can be helpful during web application assessments to uncover additional targets.

🔗Link https://github.com/trap-bytes/gourlex

#HacKingPro - Hack Like A Pro
Menu / To Do
[p] - Planning and Scoping
Asking for Target IP:
Asking for Target Name:
Asking for Target Phone:
Asking for Target Nik Name:
Asking for Target Email:
00 - Anonymity
00 - Firewall Rules
01 - Clear Logs
02 - Clear History
03 - Change MAC Address
04 - Change IP Address
05 - Change Routing
01 - Information Gathering
01 - Systems Information
02 - Networks Information
03 - Social Information
04 - SubDomain Information
02 - Vulnerability Assessment
03 - Web Application HacKing
04 - Database Assessment
05 - Password HacKing
06 - Wireless HacKing
07 - Reverse Engineering
08 - Exploit Frameworks & DataBases
09 - Sniffing - Spoofing
10 - Gaining & Maintaining Access
11 - Digital Forensic
12 - Analysis & Reporting
13 - Social Engineering
14 - Privilege Enumeration & Escalation
15 - Malware Analysis Labs/Tools
16 - Covering Tracks
https://github.com/Anlominus/HacKingPro