forensics, Network Traffic Analysis

A Predictable Attack

Attack to a Critical System

You are part of the Official National Organization (ONO) Blue Team, tasked with defending against and responding to outsider attacks.

A few days ago your organization's website was behaving abnormally, suddenly becoming unreachable only for things to go back to normal shortly after. The hacktivist group Fsociety privately claimed responsibility. Shortly after, an internal, non-routable system that is part of ONO's infrastructure went offline. These two seemingly unrelated attacks happened on the same day, which is highly suspicious.

You and your team have been tasked with investigating these attacks in order to detect the root cause, respond to current and future threats, and patch any vulnerability that may be exploited on ONO's infrastructure.

Pre-requisites

This scenario requires the use of a packet capture analyzer such as Wireshark or tcpdump, or an online tool, to analyze the pcap files provided.

Technical Details

This scenario contains one virtual machine that is running three Docker containers. Two of the containers are publicly routable, whilst one is not.

  • MODE: MULTIPLAYER
  • TYPE: CTF
  • DIFFICULTY: EASY
  • TIME: 240 MINUTES
  • COST: 10 CRYSTALS