Quantum Leap

Easy

Open Source Cyber Intelligence

Overview

Intelligence reports confirm that a recent phishing campaign against a third-party service has resulted in a credential compromise. All evidence currently points to a single developer at our company being the sole victim. Our threat intel profile on the responsible threat actor, 'HunterOfXmen', indicates they often taunt their victims by leaking data on the public internet. Your mission is to verify this claim. You must trace the developer's digital footprint, locate the exposed credentials, and determine the extent of the breach by accessing any company assets that are now vulnerable.

Flag format: Flag{}

Lab Details

Prerequisites & Requirements

  • Basic understanding of OSINT (Open Source Intelligence) techniques
  • Familiarity with email headers and phishing campaigns
  • Knowledge of credential stuffing attacks
  • Basic web reconnaissance skills
  • Understanding of how threat actors operate and leak data

What will you learn?

  • Analyzing phishing emails and identifying key indicators
  • Using OSINT tools to track threat actors across platforms
  • Leveraging public repositories to find leaked credentials
  • Performing web reconnaissance to discover hidden endpoints
  • Understanding the full attack chain from phishing to unauthorized access
  • Connecting the dots between different pieces of information

Tools

  • Email Client (Outlook, Thunderbird, or any MIME-capable client): To visualize the phishing email
  • Sherlock: OSINT tool for finding usernames across social networks
  • ffuf: Fast web fuzzer for directory/endpoint discovery
  • Web Browser: For accessing discovered endpoints
  • Text Editor: For analyzing files and credentials

Job Positions

Security Analyst

Tags

Threat Intelligence, Leaked Credentials, Credential Stuffing, Adversary Profile, Social Engineering