Azalea Power Co. Competition by CISA

Game Description:

Azalea Power Co. is experiencing the effects of a large-scale cyber-attack and needs a cyber incident response team to help them investigate. You and your team of cyber incident responders have been brought in to help the internal IT team as they identify the extent of the impacts to their IT network, corporate building management system (BMS), and power distribution system.

In this CTF, participants will explore network and host artifacts from Azalea Power Co.’s IT, BMS and electric distribution networks and solve challenges involving real-world tactics, techniques, and procedures. They will leverage multiple open-source tools to examine forensic artifacts and identify indicators of compromise. As they progress through the challenges, participants will discover which systems the attacker targeted, how they moved through the network, and how they caused disruptions in the operational environment.

Some tools that may come in handy for players (all open source):

Wireshark

CyberChef

osslsigncode

pymodbus

tshark

Ghidra

Scripting language (Python)

binwalk

sqlite3