OWASP MUC - The Threat - Game won!

Congratulations!! You managed to catch the hackers and thwarted their attempt to harm your company!

This could either have been due to your superior skills, an extraordinary bout of luck, or more probably due to a combination of both. In any case as a next step you should now take a look at the game log listed below to see if at any point you could/should have done something differently! There is always potential for improvement.

Thank you for playing Backdoors & Breaches - online

If you enjoyed the game please tell to your friends and colleagues. If you have any comments or suggestions I would like to hear from you. You can contact me using the contact form in the support menu. If you would like to support the development of this site feel free to buy me a coffee (or tea or soda ...) ;).

Game Log

Turn: 1 -  Roll: 10 (Dice (10) + Cardbonus () + Bonus (0)) -  Fails: 1
Password Spray-5 Pivot and Escalate not revealed Persistence not revealed C2 and Exfil not revealed Security Information and Event Management (SIEM)-33 Injects not revealed
Turn: 2 -  Roll: 9 (Dice (9) + Cardbonus () + Bonus (0)) -  Fails: 2
Password Spray-5 Internal Password Spray-11 Persistence not revealed C2 and Exfil not revealed User and Entity Behavior Analytics (UEBA)-39 Injects not revealed
Turn: 3 -  Roll: 8 (Dice (8) + Cardbonus () + Bonus (0)) -  Fails: 3
Password Spray-5 Internal Password Spray-11 Persistence not revealed C2 and Exfil not revealed Server Analysis-34 Injects not revealed
Turn: 4 -  Roll: 13 (Dice (13) + Cardbonus () + Bonus (0)) -  Fails: 3
Password Spray-5 Internal Password Spray-11 Persistence not revealed GMail, Tumbler, Salesforce, Twitter as C2-31 NetFlow, Zeek/Bro, Real Intelligence Threat Analytics (RITA) analysis-36 Injects not revealed
Turn: 5 -  Roll: 13 (Dice (13) + Cardbonus () + Bonus (0)) -  Fails: 3
Password Spray-5 Internal Password Spray-11 Logon Scripts-24 GMail, Tumbler, Salesforce, Twitter as C2-31 Endpoint Analysis-40 Injects not revealed