tryhackme.com
2606:4700:10::6816:37e4  Public Scan

URL: https://tryhackme.com/r/room/threatinteltools
Submission: On December 06 via manual from SA — Scanned from DE

Text Content


THREAT INTELLIGENCE TOOLS

Explore different OSINT tools used to conduct security threat assessments and
investigations.

easy

60 min


Task 1: Room Outline


This room will cover the concepts of Threat Intelligence and various open-source
tools that are useful. The learning objectives include:

 * Understanding the basics of threat intelligence & its classifications.
 * Using UrlScan.io to scan for malicious URLs.
 * Using Abuse.ch to track malware and botnet indicators.
 * Investigating phishing emails using PhishTool.
 * Using Cisco's Talos Intelligence platform for intel gathering.

Answer the questions below
Read the description! Continue to the next task.
Task 2: Threat Intelligence


Threat Intelligence is the analysis of data and information using tools and
techniques to generate meaningful patterns on how to mitigate potential
risks associated with existing or emerging threats targeting organisations,
industries, sectors or governments.

To mitigate against risks, we can start by trying to answer a few simple
questions:

 * Who's attacking you?
 * What's their motivation?
 * What are their capabilities?
 * What artefacts and indicators of compromise should you look out for?


THREAT INTELLIGENCE CLASSIFICATIONS:

Threat Intel is geared towards understanding the relationship between your
operational environment and your adversary. With this in mind, we can break down
threat intel into the following classifications: 

 * Strategic Intel: High-level intel that looks into the organisation's threat
   landscape and maps out the risk areas based on trends, patterns and emerging
   threats that may impact business decisions.
 * Technical Intel: Looks into evidence and artefacts of attack used by an
   adversary. Incident Response teams can use this intel to create a baseline
   attack surface to analyse and develop defence mechanisms.
 * Tactical Intel: Assesses adversaries' tactics, techniques, and procedures
   (TTPs). This intel can strengthen security controls and address
   vulnerabilities through real-time investigations.
 * Operational Intel: Looks into an adversary's specific motives and intent to
   perform an attack. Security teams may use this intel to understand the
   critical assets available in the organisation (people, processes, and
   technologies) that may be targeted.

Answer the questions below
I've read on Threat Intel and the classifications
Task 3: UrlScan.io


Urlscan.io is a free service developed to assist in scanning and analysing
websites. It is used to automate the process of browsing and crawling through
websites to record activities and interactions.

When a URL is submitted, the information recorded includes the domains and IP
addresses contacted, resources requested from the domains, a snapshot of the web
page, technologies utilised and other metadata about the website.

The site provides two views, the first one showing the most recent scans
performed and the second one showing current live scans.

 


SCAN RESULTS

URL scan results provide ample information, with the following key areas being
essential to look at:

 * Summary: Provides general information about the URL, ranging from the
   identified IP address, domain registration details, page history and a
   screenshot of the site.
 * HTTP: Provides information on the HTTP connections made by the scanner to the
   site, with details about the data fetched and the file types received.
 * Redirects: Shows information on any identified HTTP and client-side redirects
   on the site.
 * Links: Shows all the identified links outgoing from the site's homepage.
 * Behaviour: Provides details of the variables and cookies found on the site.
   These may be useful in identifying the frameworks used in developing the
   site.
 * Indicators: Lists all IPs, domains and hashes associated with the site. These
   indicators do not imply malicious activity related to the site.




Note: Due to the dynamic nature of internet activities, data searched can
produce different results on different days as new information gets updated.


SCENARIO

You have been tasked to perform a scan on TryHackMe's domain. The results
obtained are displayed in the image below. Use the details on the image to
answer the questions:




Answer the questions below
What was TryHackMe's Cisco Umbrella Rank based on the screenshot?

How many domains did UrlScan.io identify on the screenshot?


What was the main domain registrar listed on the screenshot?


What was the main IP address identified for TryHackMe on the screenshot?


Task 4: Abuse.ch


Abuse.ch is a research project hosted by the Institute for Cybersecurity and
Engineering at the Bern University of Applied Sciences in Switzerland. It was
developed to identify and track malware and botnets through several operational
platforms developed under the project. These platforms are:

 * Malware Bazaar: A resource for sharing malware samples.
 * Feodo Tracker: A resource used to track botnet command and control (C2)
   infrastructure linked with Emotet, Dridex and TrickBot.
 * SSL Blacklist: A resource for collecting and providing a blocklist for
   malicious SSL certificates and JA3/JA3s fingerprints.
 * URL Haus: A resource for sharing malware distribution sites.
 * Threat Fox: A resource for sharing indicators of compromise (IOCs).

Let us look into these platforms individually.


MALWAREBAZAAR

As the name suggests, this project is an all-in-one malware collection and
analysis database. The project supports the following features:

 * Malware Samples Upload: Security analysts can upload their malware samples
   for analysis and build the intelligence database. This can be done through
   the browser or an API.
 * Malware Hunting: Hunting for malware samples is possible through setting up
   alerts to match various elements such as tags, signatures, YARA rules, ClamAV
   signatures and vendor detection.





FEODOTRACKER

With this project, Abuse.ch aims to share intelligence on botnet Command &
Control (C&C) servers associated with Dridex, Emotet (aka Heodo), TrickBot,
QakBot and BazarLoader/BazarBackdoor. This is achieved by providing a database
of the C&C servers that security analysts can search through to investigate any
suspicious IP addresses they have come across. Additionally, the project
provides various IP and IOC blocklists and mitigation information to be used to
prevent botnet infections.







SSL BLACKLIST

Abuse.ch developed this tool to identify and detect malicious SSL connections.
SSL certificates used by botnet C2 servers are identified from these
connections and added to a denylist that is provided for use. The denylist is
also used to identify JA3 fingerprints that would help detect and block malware
botnet C2 communications on the TCP layer.

You can browse through the SSL certificates and JA3 fingerprints lists or
download them to add to your deny list or threat hunting rulesets.





URLHAUS

As the name points out, this tool focuses on sharing malicious URLs used for
malware distribution. As an analyst, you can search through the database for
domains, URLs, hashes and filetypes that are suspected to be malicious and
validate your investigations.

The tool also provides feeds associated with country, AS number and Top Level
Domain that an analyst can generate based on specific search needs.




THREATFOX

With ThreatFox, security analysts can search for, share and export indicators
of compromise associated with malware. IOCs can be exported in various formats
such as MISP events, Suricata IDS Ruleset, Domain Host files, DNS Response
Policy Zone, JSON files and CSV files.



Answer the questions below
The IOC 212.192.246.30:5555 is identified under which malware alias name on
ThreatFox?


Which malware is associated with the JA3
Fingerprint 51c64c77e60f3980eea90869b68c58a8 on SSL Blacklist?


From the statistics page on URLHaus, what malware-hosting network has the ASN
number AS14061? 



Which country is the botnet IP address 178.134.47.166 associated with according
to FeodoTracker?


Task 5 PhishTool

Before going into the task, click the Start Machine button to start the attached
VM and open it in Split View. You will be using the same machine through tasks 7
and 8.

This task will introduce you to a tool, PhishTool, that you would add to your
toolkit of email analysis tools. Please take note that it would not be necessary
to use it to complete the task; however, the principles learnt would be helpful.


EMAIL PHISHING

Email phishing is one of the main precursors of any cyber attack. Unsuspecting
users get duped into opening and accessing malicious files and links sent to
them by email, as they appear to be legitimate. As a result, adversaries infect
their victims’ systems with malware, harvesting their credentials and personal
data and performing other actions such as financial fraud or conducting
ransomware attacks.

For more information and content on phishing, check out these rooms:

 * Phishing Emails 1
 * Phishing Emails 2
 * Phishing Emails 3
 * Phishing Emails 4
 * Phishing Emails 5

PhishTool seeks to elevate the perception of phishing as a severe form of attack
and provide a responsive means of email security. Through email analysis,
security analysts can uncover email IOCs, prevent breaches and provide forensic
reports that could be used in phishing containment and training engagements.

PhishTool has two accessible versions: Community and Enterprise. We shall mainly
focus on the Community version and the core features in this task. Sign up for
an account via this link to use the tool.

The core features include:

 * Perform email analysis: PhishTool retrieves metadata from phishing emails and
   provides analysts with the relevant explanations and capabilities to follow
   the email’s actions, attachments, and URLs to triage the situation.
 * Heuristic intelligence: OSINT is baked into the tool to provide analysts with
   the intelligence needed to stay ahead of persistent attacks and understand
   what TTPs were used to evade security controls and allow the adversary to
   social engineer a target.
 * Classification and reporting: Phishing email classifications are conducted to
   allow analysts to take action quickly. Additionally, reports can be generated
   to provide a forensic record that can be shared.

Additional features are available on the Enterprise version:

 * Manage user-reported phishing events.
 * Report phishing email findings back to users and keep them engaged in the
   process.
 * Email stack integration with Microsoft 365 and Google Workspace.

We are presented with an upload file screen from the Analysis tab on login.
Here, we submit our email for analysis in the stated file formats. Other tabs
include:


 * History: Lists all submissions made with their resolutions.
 * In-tray: An Enterprise feature used to receive and process phish reports
   posted by team members through integrating Google Workspace and Microsoft
   365.





ANALYSIS TAB

Once uploaded, we are presented with the details of our email for a more
in-depth look. Here, we have the following tabs:

 * Headers: Provides the routing information of the email, such as source and
   destination email addresses, Originating IP and DNS addresses and Timestamp.
 * Received Lines: Details on the email traversal process across various SMTP
   servers for tracing purposes.
 * X-headers: These are extension headers added by the recipient mailbox to
   provide additional information about the email.
 * Security: Details on email security frameworks and policies such as Sender
   Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based
   Message Authentication, Reporting and Conformance (DMARC).
 * Attachments: Lists any file attachments found in the email.
 * Message URLs: Associated external URLs found in the email will be found here.

We can further perform lookups and flag indicators as malicious from these
options. On the right-hand side of the screen, we are presented with the
Plaintext and Source details of the email.




Above the Plaintext section, we have a Resolve checkmark. Here, we get to
perform the resolution of our analysis by classifying the email, setting up
flagged artefacts and setting the classification codes. Once the email has been
classified, the details will appear on the Resolution tab on the analysis of the
email.
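The fields shown in the Headers, Received Lines, Security and Message URLs tabs can also be read straight from an .eml file. The sketch below is an added example, not PhishTool's own code or part of the room: the sample message is constructed (documentation-range IPs, example domains), and it assumes the hop count is the number of Received headers and that the originating IP comes from X-Originating-IP, falling back to the oldest Received line.

```python
import email
import re
from email import policy

# Constructed sample message; not one of the room's .eml files.
SAMPLE_EML = b"""\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
\tby mbox.recipient.example with ESMTPS id abc3; Tue, 05 Mar 2024 10:00:03 +0000
Received: from relay.sender.example (relay.sender.example [203.0.113.20])
\tby mx.recipient.example with ESMTP id abc2; Tue, 05 Mar 2024 10:00:02 +0000
Received: from [192.0.2.55] (unknown [192.0.2.55])
\tby relay.sender.example with ESMTPA id abc1; Tue, 05 Mar 2024 10:00:01 +0000
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=sender.example;
\tdkim=none; dmarc=fail header.from=social.example
From: "Social Network" <notify@social.example>
To: analyst@recipient.example
Subject: You have 3 new messages
X-Originating-IP: [192.0.2.55]

Visit http://social-login.example/reset to read them.
"""

def defang(value):
    """Make an IP, domain or URL non-clickable for tickets and reports."""
    return re.sub(r"^http", "hxxp", value).replace(".", "[.]")

def analyse(raw):
    msg = email.message_from_bytes(raw, policy=policy.default)
    received = msg.get_all("Received", [])
    # Each relay prepends its own Received line, so the last one is the oldest.
    origin = msg.get("X-Originating-IP") or (received[-1] if received else "")
    ip = re.search(r"\d{1,3}(?:\.\d{1,3}){3}", str(origin))
    # SPF / DKIM / DMARC verdicts recorded by the receiving server.
    auth = str(msg.get("Authentication-Results", ""))
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    body = msg.get_body(preferencelist=("plain",))
    urls = re.findall(r"https?://[^\s\"'>]+", body.get_content() if body else "")
    return {
        "from": msg["From"].addresses[0].addr_spec,
        "to": msg["To"].addresses[0].addr_spec,
        "hops": len(received),
        "originating_ip": defang(ip.group(0)) if ip else None,
        "auth": verdicts,
        "urls": [defang(u) for u in urls],
    }

if __name__ == "__main__":
    for field, value in analyse(SAMPLE_EML).items():
        print(f"{field}: {value}")
```

Headers above the receiving server's own Received line are supplied by the sender and can be forged, so treat X-Originating-IP and the older Received lines as leads to verify rather than facts.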




You can now add PhishTool to your list of email analysis tools.




SCENARIO

You are a SOC Analyst and have been tasked to analyse a suspicious
email, Email1.eml. To solve the task, open the email using Thunderbird on the
attached VM, analyse it and answer the questions below.
Answer the questions below

What social media platform is the attacker trying to pose as in the email?

What is the sender's email address?


What is the recipient's email address?


What is the Originating IP address? Defang the IP address.


How many hops did the email go through to get to the recipient?


Task 6 Cisco Talos Intelligence


IT and Cybersecurity companies collect massive amounts of information that could
be used for threat analysis and intelligence. Being one of those companies,
Cisco assembled a large team of security practitioners called Cisco Talos to
provide actionable intelligence, visibility on indicators, and protection
against emerging threats through data collected from their products. The
solution is accessible as Talos Intelligence.

Cisco Talos encompasses six key teams:

 * Threat Intelligence & Interdiction: Quick correlation and tracking of threats
   provide a means to turn simple IOCs into context-rich intel.
 * Detection Research: Vulnerability and malware analysis is performed to create
   rules and content for threat detection.
 * Engineering & Development: Provides the maintenance support for the
   inspection engines and keeps them up-to-date to identify and triage emerging
   threats.
 * Vulnerability Research & Discovery: Working with service and software vendors
   to develop repeatable means of identifying and reporting security
   vulnerabilities.
 * Communities: Maintains the image of the team and the open-source solutions.
 * Global Outreach: Disseminates intelligence to customers and the security
   community through publications.

More information about Cisco Talos can be found in their white paper.


TALOS DASHBOARD

Accessing the open-source solution, we are first presented with a reputation
lookup dashboard with a world map. This map shows an overview of email traffic
with indicators of whether the emails are legitimate, spam or malware across
numerous countries. Clicking on any marker, we see more information associated
with IP and hostname addresses, volume on the day and the type.




At the top, we have several tabs that provide different types of intelligence
resources. The primary tabs that an analyst would interact with are:


 * Vulnerability Information: Disclosed and zero-day vulnerability reports
   marked with CVE numbers and CVSS scores. Details of the vulnerabilities
   reported are provided when you select a specific report, including the
   timeline taken to get the report published. Microsoft vulnerability
   advisories are also provided, with the applicable Snort rules that can be
   used.



 * Reputation Center: Provides access to searchable threat data related to IPs
   and files using their SHA256 hashes. Analysts would rely on these options to
   conduct their investigations. Additional email and spam data can be found
   under the Email & Spam Data tab.









TASK

Use the information gathered from inspecting the Email1.eml file from Task 5 to
answer the following questions using Cisco Talos Intelligence. Please note that
the VM launched in Task 5 would not have access to the Internet.


Answer the questions below
What is the listed domain of the IP address from the previous task?

What is the customer name of the IP address?

Task 7 Scenario 1


Scenario: You are a SOC Analyst. Several suspicious emails have been forwarded
to you from other coworkers. You must obtain details from each email to triage
the incidents reported. 


Task: Use the tools and knowledge discussed throughout this room (or use your
resources) to help you analyze Email2.eml found on the VM attached to Task 5 and
use the information to answer the questions.

Answer the questions below
According to Email2.eml, what is the recipient's email address?

On VirusTotal, the attached file can also be identified by a Detection Alias,
which starts with an H.

Task 8 Scenario 2


Scenario: You are a SOC Analyst. Several suspicious emails have been forwarded
to you from other coworkers. You must obtain details from each email to triage
the incidents reported. 


Task: Use the tools and knowledge discussed throughout this room (or use your
resources) to help you analyze Email3.eml found on the VM attached to Task 5 and
use the information to answer the questions.


Answer the questions below
What is the name of the attachment on Email3.eml?

What malware family is associated with the attachment on Email3.eml?


Task 9 Conclusion



THERE'S MORE OUT THERE

You have come to the end of the room. However, this is just the tip of the
iceberg for open-source threat intelligence tools that can help you as an
analyst triage incidents. There are plenty more tools that may have more
functionality than the ones discussed in this room.

Check out these rooms to dive deeper into Threat Intelligence:

 * Yara
 * MISP
 * Red Team Threat Intel

Answer the questions below
Read the above and complete the room.

Created by


tryhackme

SecurityNomad

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being
subscribed)!

Users in Room

80.141

Created

857 days ago

