MTK is a place to share data forensic tips learned throughout the course of loud keyboard banging. PGP Key http://bit.ly/UckgPW
On Tuesday, August 2nd, 2022, I created a playground consisting of 23 systems: ten Windows 10 machines, ten Windows 11 machines, one Velociraptor Server and one Server 2019 Windows machine, compromised with a persistent remote access trojan that communicated to an attacker machine hosted outside of the US.
I created a few questions that I felt would be interesting and posted them as a quasi CTF/Practice with instructions on GitHub.