Level 1: Domain controller, 500 / 850 (59%)
58.823529411765% complete
Level 2: W10-PC3, 0 / 1,050 (0%)
0% complete
Level 3: W10-PC5, 0 / 1,150 (0%)
0% complete
Total: 500 / 3,050 (16.4%)
Challenge Solved Points
09. What is the IP used by the attackers to connect to the domain controller ? (Level 1: Domain controller) #130, 4 years, 7 months after release (2025-07-08 16:59:31) 25
08. The GPO establish a fixed time for ransomware execution. Which time are the scheduled tasks of doom timed to start? (Level 1: Domain controller) #124, 4 years, 7 months after release (2025-07-08 16:30:19) 75
07. Which ransomware family are the attackers planning to deploy? (Level 1: Domain controller) #127, 4 years, 7 months after release (2025-07-08 16:09:03) 50
06. Which specific threat is launched by the AV detection? (Level 1: Domain controller) #109, 2 years, 4 months after release (2025-07-08 15:59:21) 75
04. A foul-mouthed named script was executed a little after this user login. What is its name? (Level 1: Domain controller) #142, 4 years, 7 months after release (2025-07-08 15:41:37) 50
03. At what time can you see a logon type 10 user login on the domain controller? (Level 1: Domain controller) #145, 4 years, 7 months after release (2025-07-08 15:40:43) 50
02. At which time can the second malicious GPO be considered as loaded and ready to be applied? (Level 1: Domain controller) #145, 4 years, 7 months after release (2025-07-08 14:47:54) 100
01- What is the name of the first anomalous GPO? (Level 1: Domain controller) #144, 2 years, 4 months after release (2025-07-08 14:47:25) 75