CTF link.
We found out a user account has been compromised on our network. We took a packet capture of the time that we believe the remote login happened. Can you find out what the username of the compromised account is?
Flag format: swampCTF{
username}
If we examine the .pcap file in network miner, we can access Credential information.
We see that the username is adamkadaban.
swampCTF{adamkadaban}
Hello, I am Aleyna Doğan. I work as a Sr. Cyber Threat Intelligence Analyst. In my blog, we write blog posts that my friends and I want to share. Have a good read.