Internal Investigation

Case Study:
Internal Investigation

Would you like to follow along with us?

Enroll Now

Dive into an advanced digital forensics investigation where you’ll analyze a system compromised through a phishing attack. The attacker gained control over the victim's system, potentially using TeamViewer for persistent access. Your mission is to uncover how the attacker breached the system, established persistence, and conducted malicious activities.

Syllabus

Here’s the syllabus for this workshop:

Case Study

Description
Required Tasks
Scope of Work
Dataset

Windows Tasks

Task #1 - Evidence Verification
Task #2 - Mounting
Task #3 - Evidence Extraction & Processing
Task #4 - Initial Access
Task #5 - Persistence Mechanism & Other Activity
Task #6 - Logs, RDP and Service Analysis
Task #7 – TeamViewer & Ghost Task
Task #8 - Extra Investigation

Linux Tasks

Coming Soon

Conclusion and Reflection

Lessons Learned (Reflection)

If you'd like to practice in our
pre-configured Virtual Lab environment

Pay What You Can

What is next at Cyber 5W?

Add your email to the mailing list to get the latest updates.