{"version":1,"pages":[{"id":"WKDt6auoWvbw6YYpxXI4","title":"Start","pathname":"/cas-cybersecurity","siteSpaceId":"sitesp_8azGK","description":"CAS Cybersecurity gitbook documentation"},{"id":"-MfT6Myz4rc_ZtAe5gPz","title":"Reconnaissance","pathname":"/cas-cybersecurity/master","siteSpaceId":"sitesp_8azGK","description":"Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system."},{"id":"EK0cs77GPrB8s8XIA9zh","title":"Opensource Intelligence","pathname":"/cas-cybersecurity/master/opensource-intelligence","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Reconnaissance"}]},{"id":"-MhDYww4g97SeHtfTNsT","title":"Docker basics and Images","pathname":"/cas-cybersecurity/docker-basics","siteSpaceId":"sitesp_8azGK","description":"This chapter will cover some basic commands of docker. It will also show you some examaples where you can find and install docker images to train and sharp your security skills :)"},{"id":"j8eAcTGZg3r3DrqGXxf3","title":"Damn Vulnerable Webapp","pathname":"/cas-cybersecurity/docker-basics/damn-vulnerable-webapp","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"5g8Av4HlkyFf2udM7AKo","title":"bWAPP","pathname":"/cas-cybersecurity/docker-basics/bwapp","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"ZLynUqLxUfSLe0cQh6Dj","title":"Juice Webshop","pathname":"/cas-cybersecurity/docker-basics/juice-webshop","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"oGqnpUi4TH7rSITxE7ny","title":"Webgoat","pathname":"/cas-cybersecurity/docker-basics/webgoat","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"WudXhEG2yXuC3ZsIYaT8","title":"Metasploitable 2","pathname":"/cas-cybersecurity/docker-basics/metasploitable-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"m9HRoqTI6X6ufFaB3NHu","title":"Metasploitable 3","pathname":"/cas-cybersecurity/docker-basics/metasploitable-3","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"gJBUy4DCpjnWklbuCn8R","title":"MISP Docker (old)","pathname":"/cas-cybersecurity/docker-basics/misp-docker-old","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"v2yVLyTcZyptNlXykN6s","title":"MISP Docker (new)","pathname":"/cas-cybersecurity/docker-basics/misp-docker-new","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Docker basics and Images"}]},{"id":"-MhUzu06jAywrNC8S7Cv","title":"Scanning and Enumeration","pathname":"/cas-cybersecurity/scanning-and-enumeration","siteSpaceId":"sitesp_8azGK","description":"In this chapter I'll show you the basic commands of nmap, a way where you can practice your scans and a short introduction how you can use the metasploit auxiliary modules to scan for smb and http."},{"id":"ECEXmTIWOjTM4FmWSiq2","title":"Scanning with zenmap","pathname":"/cas-cybersecurity/scanning-and-enumeration/scanning-with-zenmap","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Scanning and Enumeration"}]},{"id":"MWDb5X96BePlpBp0s4Er","title":"Scanning with nmap","pathname":"/cas-cybersecurity/scanning-and-enumeration/scanning-with-nmap","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Scanning and Enumeration"}]},{"id":"ekr694JAHWhETbqTMVLT","title":"Scanning with msf auxiliary","pathname":"/cas-cybersecurity/scanning-and-enumeration/scanning-with-msf-auxiliary","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Scanning and Enumeration"}]},{"id":"-MhYxxcxdO36KYfPQjx0","title":"Vulnerability Scanning and Analysis","pathname":"/cas-cybersecurity/vulnerability-scanning-and-analysis","siteSpaceId":"sitesp_8azGK","description":"In this chapter I'll show you a way how you can use nmap with NSE scripts to scan for vulnerabilities"},{"id":"lAc9RZGZo2Js7JVcjPkl","title":"OpenVAS","pathname":"/cas-cybersecurity/vulnerability-scanning-and-analysis/openvas","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Vulnerability Scanning and Analysis"}]},{"id":"rx9QWYCcE82Jc64O6DS2","title":"nmap vulnerability scan","pathname":"/cas-cybersecurity/vulnerability-scanning-and-analysis/nmap-vulnerability-scan","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Vulnerability Scanning and Analysis"}]},{"id":"NFjXPgpile3MbHansltn","title":"MSF Auxiliary Modules","pathname":"/cas-cybersecurity/vulnerability-scanning-and-analysis/msf-auxiliary-modules","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Vulnerability Scanning and Analysis"}]},{"id":"-MheQGlZMw0OXWL6b35H","title":"Exploitation","pathname":"/cas-cybersecurity/exploitation","siteSpaceId":"sitesp_8azGK","description":"In this chapter I'll show you how you can perform a vulnerability scan with nmap against the metasploitable2 docker image and exploit some of it's services."},{"id":"fgITZx5CPMQJOXsrt9vo","title":"Metasploitable 2","pathname":"/cas-cybersecurity/exploitation/metasploitable-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"NQttGxpWTYVFlba7UaJ0","title":"Redis Server","pathname":"/cas-cybersecurity/exploitation/redis-server","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"30FTaPUcPyqfiUjtBMBz","title":"Print Nightmare","pathname":"/cas-cybersecurity/exploitation/print-nightmare","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"aKLx4E0O1cLSCJ5r2txC","title":"Baron Samedit","pathname":"/cas-cybersecurity/exploitation/baron-samedit","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"eOy4shdbMBgv1kc7o3Lp","title":"Polkit","pathname":"/cas-cybersecurity/exploitation/polkit","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"4wgYLScAEhqFbZuf3blX","title":"Heartbleed","pathname":"/cas-cybersecurity/exploitation/heartbleed","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Exploitation"}]},{"id":"-Mhi2JJrJebo4Y3_mocf","title":"Man in the Middle","pathname":"/cas-cybersecurity/man-in-the-middle","siteSpaceId":"sitesp_8azGK","description":"In this chapter I'll show you how you can perform a man in the middle attack against a windows box which is in the same VMNet than my Kali Linux System."},{"id":"8F2dMk57HBYy8Ywm3Vve","title":"ARP Cache poisoning","pathname":"/cas-cybersecurity/man-in-the-middle/arp-cache-poisoning","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Man in the Middle"}]},{"id":"TpzHwyn4qFRMTkf42pof","title":"RDP MitM Exercise","pathname":"/cas-cybersecurity/man-in-the-middle/rdp-mitm-exercise","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Man in the Middle"}]},{"id":"01Xax6FT8pZvddzAhABf","title":"Windows Hacking","pathname":"/cas-cybersecurity/windows-hacking","siteSpaceId":"sitesp_8azGK","description":""},{"id":"KVzJKG5foKA2Wc20nqfj","title":"Throwback Network","pathname":"/cas-cybersecurity/windows-hacking/throwback-network","siteSpaceId":"sitesp_8azGK","description":"Challenge URL: https://tryhackme.com/network/throwback","breadcrumbs":[{"label":"Windows Hacking"}]},{"id":"WMblwThlTXc8xoDjwtNa","title":"Entering the breach","pathname":"/cas-cybersecurity/windows-hacking/throwback-network/entering-the-breach","siteSpaceId":"sitesp_8azGK","description":"Exploring systems and services","breadcrumbs":[{"label":"Windows Hacking"},{"label":"Throwback Network"}]},{"id":"VlaVjDneF3Vv2pw9XGr1","title":"Exploring the caverns","pathname":"/cas-cybersecurity/windows-hacking/throwback-network/exploring-the-caverns","siteSpaceId":"sitesp_8azGK","description":"Enummerating Webservers, gain more information about the company itself","breadcrumbs":[{"label":"Windows Hacking"},{"label":"Throwback Network"}]},{"id":"B1aCa7fqJseKKBzynaL3","title":"Webshells and you!","pathname":"/cas-cybersecurity/windows-hacking/throwback-network/webshells-and-you","siteSpaceId":"sitesp_8azGK","description":"Finding attack vector in pfsense","breadcrumbs":[{"label":"Windows Hacking"},{"label":"Throwback Network"}]},{"id":"FuWzN2L2iH9Q50E4uQIQ","title":"First Contact","pathname":"/cas-cybersecurity/windows-hacking/throwback-network/first-contact","siteSpaceId":"sitesp_8azGK","description":"Get a reverseshell","breadcrumbs":[{"label":"Windows Hacking"},{"label":"Throwback Network"}]},{"id":"THDElit37EPwYcFHAdux","title":"WinAttack LAB","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"}]},{"id":"lwcbHp6OLE5LUBMFbNG9","title":"Module 01","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-01","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"M2Z4IFtgUOgNlYGEbs0J","title":"Module 02","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-02","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"N90YTBXf8adU9PBqidFR","title":"Module 03","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-03","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"rsa8D4Bzj1OE3BsPnCcJ","title":"Module 04","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-04","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"VSnV5f5Lc9g4YEtjfc7i","title":"Module 05","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-05","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"LIPwKdLuAPe4KjMXiqJX","title":"Module 06","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-06","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"pBnCCapEDkO5Ok1ljgoY","title":"Module 07","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-07","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"JDCRYGM6Z5C4v00V4iQU","title":"Module 08","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-08","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"QOnwxzCI1OfZ1KeknPm6","title":"Module 09","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-09","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"PFS8D24JAkJ0MybQVDsj","title":"Module 10","pathname":"/cas-cybersecurity/windows-hacking/winattack-lab/module-10","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Windows Hacking"},{"label":"WinAttack LAB"}]},{"id":"-Mhir0QPxvPrZC9_vXNu","title":"Web Application Security","pathname":"/cas-cybersecurity/web-application-security","siteSpaceId":"sitesp_8azGK","description":"This chapter will give a short overview of the OWASP Top10 and a little introduction into BURP Suite."},{"id":"Smn82p5i8ACqG1kKfT0O","title":"Burp Proxy Introduction","pathname":"/cas-cybersecurity/web-application-security/burp-proxy-introduction","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"}]},{"id":"0p3HYzBIfrE3Rjp8OUrn","title":"DVWA","pathname":"/cas-cybersecurity/web-application-security/dvwa","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"}]},{"id":"-MhjlKdI3jUq8OA1Zvnn","title":"DVWA Exercises 1","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"-MhjlSuCMg9lGNthER0f","title":"DVWA Exercises 2","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"-Mhm_Z_-ZfWkHgSBiosU","title":"DVWA Exercises 3","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-3","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"PPywqxcdjOevG7bCMkxi","title":"DVWA Exercises 4","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-4","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"eSOOO7w6rA2JgQUkjEIh","title":"DVWA Exercises 5","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-5","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"O4gdCaK4WmO7TnfEHtUC","title":"DVWA Exercises 6","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-6","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"RnpljH1kLGVj3H2VIrOt","title":"DVWA Exercises 7","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-7","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"AUhG25rcozmrzREiaUa9","title":"DVWA Exercises 8","pathname":"/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-8","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Web Application Security"},{"label":"DVWA"}]},{"id":"IJxpiTcd67QnVpBEKf1o","title":"CTF and Crypto Exercises","pathname":"/cas-cybersecurity/ctf-and-crypto-exercises","siteSpaceId":"sitesp_8azGK","description":"In this chapter I'll add some Crypto Exercises"},{"id":"H7jCPu9X7NC9sU8IGwKA","title":"Cyberchef Challenge","pathname":"/cas-cybersecurity/ctf-and-crypto-exercises/cyberchef-challenge","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"CTF and Crypto Exercises"}]},{"id":"Hb7d1WQ5w5aQDtw8d99W","title":"HTB Invite Challenge","pathname":"/cas-cybersecurity/ctf-and-crypto-exercises/htb-invite-challenge","siteSpaceId":"sitesp_8azGK","description":"This is my writeup howto solve the Invite Challenge for the HacktheBox Cybersecurity Training Platform.","breadcrumbs":[{"label":"CTF and Crypto Exercises"}]},{"id":"cPVwF4wZltFsAc1xqEW1","title":"BSides London 2019 Challenge","pathname":"/cas-cybersecurity/ctf-and-crypto-exercises/bsides-london-2019-challenge","siteSpaceId":"sitesp_8azGK","description":"This is my writeup for a security puzzle that gave me the possibility to attent the BSides 2019 IT-Security Conference","breadcrumbs":[{"label":"CTF and Crypto Exercises"}]},{"id":"ua7pkqkZEH5oLN9P96fM","title":"Ninja Sec Challenge","pathname":"/cas-cybersecurity/ctf-and-crypto-exercises/ninja-sec-challenge","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"CTF and Crypto Exercises"}]},{"id":"iAASB5kpU5YHwSxAG6ek","title":"Threat Intelligence","pathname":"/cas-cybersecurity/threat-intelligence","siteSpaceId":"sitesp_8azGK","description":""},{"id":"5RWS3nnOZ3cajE4GiOrp","title":"MISP Exercise 1","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"FN3JkyXKM6hoVgfhcoLu","title":"MISP Exercise 2","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"uu0ipdgTsRg33DUemhNY","title":"MISP Exercise 3","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-3","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"L3Uyuhh6pv5onYICnA6g","title":"MISP Exercise 4","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-4","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"4smdgTwog0Yln84Zpcef","title":"MISP Exercise 5","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-5","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"NrIs3OCi5fJ5Ug28PshQ","title":"MISP Exercise 6","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-6","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"bOcqVBCsthP8vpkMHin8","title":"MISP Exercise 7","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-7","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"EGWhMYbKtrlMqAqWYyYD","title":"MISP Exercise 8","pathname":"/cas-cybersecurity/threat-intelligence/misp-exercise-8","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"cK8vGqA90mzzQz4m5g6F","title":"Virus Total Graph Exercise","pathname":"/cas-cybersecurity/threat-intelligence/virus-total-graph-exercise","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"lV02cbjjf5r7Mp0qTkoB","title":"RFI Incoming!","pathname":"/cas-cybersecurity/threat-intelligence/rfi-incoming","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Threat Intelligence"}]},{"id":"F8TmaQoWpFMpvImD7sUX","title":"Forensic Exercises","pathname":"/cas-cybersecurity/forensic-exercises","siteSpaceId":"sitesp_8azGK","description":""},{"id":"Yh2BPZCqSuoUbzsu4F88","title":"Disk Forensics","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"ey7L5Vyr9WVltPiWydSE","title":"The Sleuth Kit Intro","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/the-sleuth-kit-intro","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"eLE2CC3I9BBoXOdnbznU","title":"Filecarving with Foremost","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/filecarving-with-foremost","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"y4oc1m6IxnRx2wC7CxjQ","title":"Filecarving with scalpel","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/filecarving-with-scalpel","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"NWZESnhxQu08cldojVQQ","title":"Bulk extractor","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/bulk-extractor","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"NmPk7GjCwaGhaIZdEVIy","title":"Disk acquisition with dd","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/disk-acquisition-with-dd","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"Gj0HzMDWA4Y9Sb5dTKGp","title":"Disk acquisition with dcfldd","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/disk-acquisition-with-dcfldd","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"KMcDIdxgGgM3QYPlJxfs","title":"Disk acquisition with ewftools","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/disk-acquisition-with-ewftools","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"exd8JKMKD3vbFQiMGCM7","title":"Disk acquisition with FTK Imager","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/disk-acquisition-with-ftk-imager","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"GXfFU0IFN9nPBcBwcWYr","title":"Mount disk image (raw)","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/mount-disk-image-raw","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"BReFIUDqtN2JMM574LQN","title":"Unknown USB Stick","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/unknown-usb-stick","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"4OjLVnvONyHUlM8hrOis","title":"USB Stick Filecarving","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/usb-stick-filecarving","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"ktTqAC0RVzWtMNQgmSzG","title":"Autopsy Exercise","pathname":"/cas-cybersecurity/forensic-exercises/disk-forensics/autopsy-exercise","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Disk Forensics"}]},{"id":"JyI13M1TrlBjIJIpCpIA","title":"Windows Forensics","pathname":"/cas-cybersecurity/forensic-exercises/windows-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"2BUFmP8Bfg50sR0byCS8","title":"Bitunlocker","pathname":"/cas-cybersecurity/forensic-exercises/windows-forensics/bitunlocker","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Windows Forensics"}]},{"id":"xf0cjAGz6RCbHd2e46qE","title":"Alternate Datastreams","pathname":"/cas-cybersecurity/forensic-exercises/windows-forensics/alternate-datastreams","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Windows Forensics"}]},{"id":"0Uahf8Y7vBCY4VXVdgyC","title":"Memory Forensics","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"OJhrtQEVFqdJXPqLG6ng","title":"Volatility2 Basics (Linux)","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics/volatility2-basics-linux","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Memory Forensics"}]},{"id":"NZgdu2ynyi1cEC7mNpIW","title":"Volatility2 Exercise 1","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics/volatility2-exercise-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Memory Forensics"}]},{"id":"WMpfC2SPmZ4HBEyuRyiG","title":"Volatility3 Exercise 1","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics/volatility3-exercise-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Memory Forensics"}]},{"id":"Q65HdQ7Fh85131HkNSCJ","title":"Volatility3 Exercise 2","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics/volatility3-exercise-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Memory Forensics"}]},{"id":"tvMBEyILVtwCtuFAn6cr","title":"Volatility3 Exercise 3","pathname":"/cas-cybersecurity/forensic-exercises/memory-forensics/volatility3-exercise-3","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Memory Forensics"}]},{"id":"bQH15eYjCeKp77BdK5cP","title":"Image Forensics","pathname":"/cas-cybersecurity/forensic-exercises/image-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"eakcsTpeDNjgFlrUQGR4","title":"Unswirl Image","pathname":"/cas-cybersecurity/forensic-exercises/image-forensics/unswirl-image","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Image Forensics"}]},{"id":"On8P72GqfQbjxkxR8NZe","title":"Manual Filecarving 1","pathname":"/cas-cybersecurity/forensic-exercises/image-forensics/manual-filecarving-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Image Forensics"}]},{"id":"jTDR3X02uj5l3PdovAWI","title":"Manual Filecarving 2","pathname":"/cas-cybersecurity/forensic-exercises/image-forensics/manual-filecarving-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Image Forensics"}]},{"id":"MRiOFLuyiYK0v6vRqjUJ","title":"Browser Forensics","pathname":"/cas-cybersecurity/forensic-exercises/browser-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"19o4qcLduPLJZHpyd4rc","title":"Mail Header Analysis","pathname":"/cas-cybersecurity/forensic-exercises/mail-header-analysis","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"9c3IloXJQ9Vt81dvVEka","title":"Timestomping Exercise","pathname":"/cas-cybersecurity/forensic-exercises/timestomping-exercise","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"6zgWkhDfietKL58SzLcN","title":"Network Forensics","pathname":"/cas-cybersecurity/forensic-exercises/network-forensics","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"}]},{"id":"VSwl5EznhZIRJEZjQkqf","title":"Tshark Exercise","pathname":"/cas-cybersecurity/forensic-exercises/network-forensics/tshark-exercise","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Exercises"},{"label":"Network Forensics"}]},{"id":"kojd3jvAo2jn8Bd4Lvia","title":"Malware Analysis","pathname":"/cas-cybersecurity/malware-analysis","siteSpaceId":"sitesp_8azGK","description":""},{"id":"legxGqbxIFtEeEVYMvcV","title":"Ransomware","pathname":"/cas-cybersecurity/malware-analysis/ransomware","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"}]},{"id":"Pxg5xRvg6mSMoLfXVOW3","title":"General Introduction","pathname":"/cas-cybersecurity/malware-analysis/ransomware/general-introduction","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"vkV8Wm0ol7lhup5EBx3s","title":"Ryuk","pathname":"/cas-cybersecurity/malware-analysis/ransomware/ryuk","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"8ceoMcqK49oaxtMuAe70","title":"RansomEXX","pathname":"/cas-cybersecurity/malware-analysis/ransomware/ransomexx","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"8OGLmOR8PXWuuF49vmnC","title":"REvil","pathname":"/cas-cybersecurity/malware-analysis/ransomware/revil","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"uSgN664ABAHQrvLazXkb","title":"BlackMatter","pathname":"/cas-cybersecurity/malware-analysis/ransomware/blackmatter","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"v37kbfEw2u7tDpGkxKhg","title":"Hades","pathname":"/cas-cybersecurity/malware-analysis/ransomware/hades","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"2oVj76yr2bnZlxhEiuSD","title":"Egregor","pathname":"/cas-cybersecurity/malware-analysis/ransomware/egregor","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"rAQ6vvmujZCC808tXIkF","title":"DoppelPaymer","pathname":"/cas-cybersecurity/malware-analysis/ransomware/doppelpaymer","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"Ransomware"}]},{"id":"dEk6StzoLRprlg1sb2Gx","title":"YARA","pathname":"/cas-cybersecurity/malware-analysis/yara","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"}]},{"id":"dP6QFOPw3oTxqia9gmXR","title":"YARA Install","pathname":"/cas-cybersecurity/malware-analysis/yara/yara-install","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"YARA"}]},{"id":"UUqvgDGcalbemmf5fxh0","title":"yarGen","pathname":"/cas-cybersecurity/malware-analysis/yara/yargen","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"YARA"}]},{"id":"Odo4WeM0VMFqKe6D2ZAt","title":"YARA with Cyberchef","pathname":"/cas-cybersecurity/malware-analysis/yara/yara-with-cyberchef","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"YARA"}]},{"id":"4Dh1Q9zlaI6rya5QqhLH","title":"TCP dump analysis","pathname":"/cas-cybersecurity/malware-analysis/yara/tcp-dump-analysis","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"YARA"}]},{"id":"Hzh36moJ6raFN8ZYdMaO","title":"Memory dump analysis","pathname":"/cas-cybersecurity/malware-analysis/yara/memory-dump-analysis","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"},{"label":"YARA"}]},{"id":"z2cMPTdj2L8A3ttZvQnW","title":"Dosfuscated Scripts","pathname":"/cas-cybersecurity/malware-analysis/dosfuscated-scripts","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Malware Analysis"}]},{"id":"qo4B6B9QojWkP1EClYwp","title":"Android Malware","pathname":"/cas-cybersecurity/android-malware","siteSpaceId":"sitesp_8azGK","description":""},{"id":"EwQpXwzCTb3mMjQP8mCz","title":"LAB Setup 1","pathname":"/cas-cybersecurity/android-malware/lab-setup-1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"YHQD1JOX1tG5Pd3jvA4z","title":"LAB Setup 2","pathname":"/cas-cybersecurity/android-malware/lab-setup-2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"UkJZJqVBZxzgUta9JaSi","title":"Android Manifest","pathname":"/cas-cybersecurity/android-malware/android-manifest","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"uWU0Dup5y6Rdx2RdvSZ7","title":"Android Permissions","pathname":"/cas-cybersecurity/android-malware/android-permissions","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"jgef5P5K13A7aRuQhr7E","title":"APP Tracing with Frida","pathname":"/cas-cybersecurity/android-malware/app-tracing-with-frida","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"87V4dZ9zliThilSeMo9v","title":"AES Key decryption","pathname":"/cas-cybersecurity/android-malware/aes-key-decryption","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"YWup0APSf7Lqa8CyawBS","title":"RedAlert","pathname":"/cas-cybersecurity/android-malware/redalert","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"fbcT0vcKGbvHcjG9h1mQ","title":"BlackRoseLucy","pathname":"/cas-cybersecurity/android-malware/blackroselucy","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"fRrHRVQLPnHxJH3N3unU","title":"Crackme RE Challenge","pathname":"/cas-cybersecurity/android-malware/crackme-re-challenge","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Android Malware"}]},{"id":"0z1k6ZKee98xIrkGdO8M","title":"Forensic Readiness","pathname":"/cas-cybersecurity/forensic-readiness","siteSpaceId":"sitesp_8azGK","description":""},{"id":"YCqfnCMDslz7jfVYVtns","title":"Windows Event Logs","pathname":"/cas-cybersecurity/forensic-readiness/windows-event-logs","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"}]},{"id":"MZpZb9ebspecFpA5zAMj","title":"Windows Sysmon","pathname":"/cas-cybersecurity/forensic-readiness/windows-sysmon","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"}]},{"id":"GVZDSc2qst0SjUFEbL7N","title":"Sysmon: Capture Clipboard","pathname":"/cas-cybersecurity/forensic-readiness/sysmon-capture-clipboard","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"}]},{"id":"O9eWHwVI1gpQPs6pQI1H","title":"Sysmon: Process Injection","pathname":"/cas-cybersecurity/forensic-readiness/sysmon-process-injection","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"}]},{"id":"rGD2pjwib3ypUk5wwzv2","title":"Ransomware Detection","pathname":"/cas-cybersecurity/forensic-readiness/ransomware-detection","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"}]},{"id":"rf0NXfBLXjlLevCORgyu","title":"Signature based","pathname":"/cas-cybersecurity/forensic-readiness/ransomware-detection/signature-based","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Forensic Readiness"},{"label":"Ransomware Detection"}]},{"id":"JPncX9YtZZ2gFw8Nphrz","title":"Live Response","pathname":"/cas-cybersecurity/live-response","siteSpaceId":"sitesp_8azGK","description":""},{"id":"QplQ0ae6Q2QtvSsOdOfd","title":"Velociraptor P1","pathname":"/cas-cybersecurity/live-response/velociraptor-p1","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"}]},{"id":"zyv5A57NfCt6ZYQ8Izzu","title":"Velociraptor P2","pathname":"/cas-cybersecurity/live-response/velociraptor-p2","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"}]},{"id":"aRLE2dEkPDwAo0dutxrY","title":"Velociraptor P3","pathname":"/cas-cybersecurity/live-response/velociraptor-p3","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"}]},{"id":"ZZtnBCFDJUo1np9dek8v","title":"Windows Response LAB","pathname":"/cas-cybersecurity/live-response/windows-response-lab","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"}]},{"id":"qNMmy3jPpMrwpu5PmjI6","title":"Lateral Movement Detection","pathname":"/cas-cybersecurity/live-response/windows-response-lab/lateral-movement-detection","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"},{"label":"Windows Response LAB"}]},{"id":"yphl7j7RySUCtvhR3csX","title":"Detect persistence","pathname":"/cas-cybersecurity/live-response/windows-response-lab/detect-persistence","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"},{"label":"Windows Response LAB"}]},{"id":"daIPAwAPBlhHBW6OGvdM","title":"Volatility Analysis","pathname":"/cas-cybersecurity/live-response/windows-response-lab/volatility-analysis","siteSpaceId":"sitesp_8azGK","description":"","breadcrumbs":[{"label":"Live Response"},{"label":"Windows Response LAB"}]}]}