Yoga - GhostIDOR

1st place

10515 points

Solves

Challenge	Category	Value
Persistence time	Threat Hunting	260
Persistence Technique ID	Threat Hunting	300
Persistence Technique action	Threat Hunting	280
Attacker Full Name	Threat Hunting	200
Exfiltration Method	Threat Hunting	200
forked	Threat Hunting	180
Telegram ID	Network Forensics	250
Communication Channel Key	Network Forensics	275
Github Username	Network Forensics	150
Data Theft Blueprint	Network Forensics	210
Patient Zero Identification	Network Forensics	200
Elapsed Time	Network Forensics	150
Incident Response Report Submission	Incident Reporting	2500
The Money Trail 2	Memory Forensics	350
Mining Pool Endpoint	Memory Forensics	200
The Money Trail	Memory Forensics	350
Process Identifier Hunt	Memory Forensics	200
Parent	Memory Forensics	150
Service Exposure Point	Memory Forensics	100
ssh port	Memory Forensics	95
Phantom Process	Memory Forensics	90
ASN	Threat Intelligence	150
Source Country	Threat Intelligence	150
The Fox	Threat Intelligence	150
Threat Classification	Threat Intelligence	150
Infrastructure Attribution	Threat Intelligence	150
Reputation Check	Threat Intelligence	150
Identity Compromise	SIEM Analysis	200
Executable Hunt	SIEM Analysis	200
Port of Fortune	SIEM Analysis	200
Mining Operation Discovery	SIEM Analysis	200
Backdoor Gateway	SIEM Analysis	200
The Origin Point	SIEM Analysis	200
New Administrative Account	Alert Triaging	300
Suspicious New Domain Access detected	Alert Triaging	300
Elevated Privileges Detected	Alert Triaging	300
Malicious Web Traffic	Alert Triaging	300
Password Reset Activity	Alert Triaging	300
4 - Compromised System Identification	Scenario Reading	50
3 - Security Monitoring Infrastructure	Scenario Reading	50
2 - Incident Timeline	Scenario Reading	50
1 - Company Profile	Scenario Reading	50
Sheat Cheet	Sanity Check	10
Rules Reading	Sanity Check	6
Nama Kapal	Sanity Check	5
Nama Tools	Sanity Check	3
First President	Sanity Check	1