Spook Louder
As a Threat Hunter with the National CERT in Nigeria, you are assigned to be proactive in detecting defaced websites using open-source solutions. Your Team Lead whispered the name of an online tool you can use to achieve this, but before you could take off your headset and ask him to repeat what he said, he had left to catch up with an earlier scheduled engagement. You are left with the option of finding out which tool you can use to achieve the task.
NAIS
How many pillars does the drafted National Artificial Intelligence Strategy document have and how many years was implementation planned for?
Cybercrime Act
What major change was effected by the amended Cybercrime Prohibition Act of 2015?
NCPS?
How many major pillars does the National Cybersecurity Policy and Strategy focus on?
What do you know about CNII?
What is the name of the gazette that designated critical national information infrastructure and how many key critical sectors were the focus of this gazette?
CERT/CSIRT in Nigeria
How many CERTs/CSIRTs do we currently have in Nigeria? Count both national and sectoral CERTs.
CSEAN Leadership
Who is the immediate past president and current president of CSEAN?
NCPS: International Collaboration
How many international documents on cybercrime has Nigeria acceded to? Name them.
NCPS: International Collaboration II
Does Nigeria belong to any international community or initiative to combat cybercrime? If yes, name the most recent one and state who is representing Nigeria.
Data Protection Map in Africa
How many countries in Africa have a data protection regime? What is the name of the authority responsible for this in Nigeria, who is leading it, and what is the name of the data protection and privacy law in Nigeria?
Cyber Levy again?
Which of the documents speaks to the cybersecurity levy in Nigeria?
N Triple C - NCCC
What is the name of the National Cybersecurity Coordinator and where is the NCCC residing?
Encryption As A Service
We provide a new method of encryption and we use it as our service and yes it's totally free.
URL: nc 0.cloud.chals.io 13755
My Box
Get me free from this box.
URL: nc 0.cloud.chals.io 31202
Crash course (DIY)
As the Team Lead of GoLegit Cyber Task Force, you are tasked to procure and configure your most desirable SIEM solution. You preferred using AlienVault or one of the most popular SIEM solutions, IBM QRadar, but since a sizable number of your teammates are familiar with Splunk, you settled for the most common solution. Kindly provide the MD5 string of the default Transport Layer Security Syslog port that the chosen SIEM solution listens on. You have also facilitated self-paced training courses to enable team members to be familiar with the selected solution.
Shorter day, Longer Night
As the Remote Security Operations Center (SOC) Analyst of Lynsec on the night shift, you received an alert obtained from the company's WAF in an encrypted log file. Thankfully, the file was successfully decoded and extracted by the Analyst on the previous shift. You are required to investigate and present your findings before morning in the following format to enable you to submit the flag successfully:
A: The IP address of the hacker
B: The name of the scanner that is used by the attacker
C: Number of bytes in the sensitive file stolen
D: Date and time of the successful attack (mm/dd/yyyy:hh:mm:ss)
Flag Format: csean-ctf{A:B:C:D}24
Telco - Log Identification
A telecom organization experienced a compromise of several servers shortly after they were provisioned for a client. As the security team, you have been tasked with investigating the incident to determine the root cause. You will be provided with various artefacts, including a series of logs and network traffic data, to assist in your analysis. Identify each of the log files you are given to investigate by name.
Telco - Attackers IP
What are the top 3 IP addresses (in order of their counts) that are owned by the threat group?
Telco - Compromise Server
What is the name of one of the compromised servers?
Telco - Malware
A malware sample was taken from one of the compromised servers. You are directed to investigate this malware sample, run it in a Windows sandbox built by your team, and tell us the behaviour of the sample. What specific activities is this malware sample performing? (Use MITRE ATT&CK.) NB: Do NOT submit the sample to VT or any other platforms for dynamic analysis.
Telco - Malware II
What is the SHA-256 hash of the malware sample and what evasion techniques is it using (use MITRE ATT&CK)?
Telco - Initial Access
At what time and date did one computer access the compromised server? What is its name, and does it belong to the threat actor? If yes, why? If no, why?
Telco - Malware III
From the network traffic sample provided and the malware sample analysis done, what does your team conclude is the ULTIMATE objective of the threat group that compromised the server (use MITRE ATT&CK)?
Telco - Root Cause
From the logs you analyzed, what is the root cause of this compromise (use MITRE ATT&CK)?
Telco - Defense
What recommendation would your team proffer to prevent a recurrence of the incident, now that you have carefully understood the root cause (use MITRE ATT&CK mitigations)?
Telco - Defense II
What specific ports (protocols) would this recommendation affect?
Message
Just let me know when you get my message.
ids
What do you say about patterns and ids?
sus
Emails can be sus.
Flakes
Skating during winter snow
Outguest
Just Outguess it!
The Seeker
Just seek Bruh!
Onion
My radio only accepts readings in MHz. However, I managed to intercept some signals at 0.05 GHz.
Pattern
Welcome, crypto enthusiasts! Should you choose to tackle this challenge, it's totally up to you, as it requires a keen eye for printable characters. Your task is to decrypt the provided message, which has been cleverly shifted to test your skills.
Hint: Always work your way up step by step!
Ret2Win V1
Baby pwn, enjoy!
nc 0.cloud.chals.io 32822
Ret2Win V2
The last one was so simple, so I decided to bring in something better, but trust me, it's still ret2win!
nc 0.cloud.chals.io 10551
Echo Chamber
My company's program, backdoored for admin users, was infiltrated by a bunch of petty hackers! But now, I've tightened things up and created something truly secure. Think you're clever enough to crack this new system? Prove it!
nc 0.cloud.chals.io 27514
DeeStrucTor
I was given this weird file but it does not seem to do anything, can you help me figure it out?
Note: flag format csean-ctf{}24
Just Rev
Show me your skills
Super Hashing Algorithm
A one-way hashing algorithm is not reversible, prove me wrong!
Do Math
Rev can sometimes be a lowkey math problem
JFun
As we come to an end, you've been given yet another file to reverse engineer. This time around, we provided the source code for the application. Can you help me figure out the secret?
Finding Nemo
Show me the location, and I'll be right there.
Head
Head blind. Blind what exactly?
https://csean-basics.chals.io/
SeeQL
"They say SQLi is dangerous, trust me, I made sure the admin password can't be exfiltrated. All you need now is to prove me wrong.
P.S. Please don't use any automated tool!"
https://csean-basics.chals.io/
Guess The Flag
This is me totally not trolling
ChatGPT
Your mission, should you choose to accept it, is to extract the secret from the communication between me and an AI model.
[source](https://chatgpt.com/share/66f4a973-ed08-800a-9950-2ce1d86b6ff4)
Disskod
Ahh, we totally forgot a welcome challenge, so I bring to you the forgotten one.
Codes codes codes
Coding is an art, isn't it?