This CTF is part of the SOC Level 1 learning path on TryHackMe. You are tasked with investigating a compromised corporate system using limited Splunk logs.
This CTF is the final challenge of the Threat Hunting module on THM. It follows right after Hunt Me I, but the questions guide the investigation much less than before.
This CTF is a threat-hunting practice scenario. We’ll have to investigate malicious activity on a computer that’s been the victim of a phishing attack, from initial access all the way to stealing confidential data.