T1594 Lab
Q1) Loading Zeek logs in Brim Security. How many HTTP requests are there?
-> Open all the files in Zui.
-> Right-click and choose Count by field.
Answer: 3667
Q2) What is the domain of the targeted website?
Answer: shop.cyberdefenders.corp
Q3) What is the tool used by the attacker to crawl the website?
Attacker IP with most requests: 165.18.197.227
Answer: Burp Suite
Q4) How many web pages was the attacker able to access?
Answer: 1483
Q5) What is the browser used by the attacker? (Format: Browser_Name Version)
Answer: Firefox 78
Q6) How many bytes are sent by the attacker?
Answer: 1380285
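
The "Count by field" step from Q1 and the busiest-client lookup from Q3 can also be run outside Zui on Zeek's tab-separated `http.log`. The script below is an added example, not part of the lab or of Zui; the log rows, IP addresses, host name and user agents in it are constructed, and the helper names `parse_zeek_tsv` and `count_by` are hypothetical.

```python
from collections import Counter

# Constructed sample in Zeek's TSV http.log layout; not data from the lab.
_COLS = ["ts", "uid", "id.orig_h", "id.resp_h", "method", "host", "uri",
         "user_agent", "status_code"]
_ROWS = [
    ["1.0", "C1", "192.0.2.10", "198.51.100.5", "GET", "shop.example.test", "/", "ExampleCrawler/1.0", "200"],
    ["2.0", "C2", "192.0.2.10", "198.51.100.5", "GET", "shop.example.test", "/cart", "ExampleCrawler/1.0", "200"],
    ["3.0", "C3", "192.0.2.10", "198.51.100.5", "GET", "shop.example.test", "/admin", "ExampleCrawler/1.0", "404"],
    ["4.0", "C4", "192.0.2.10", "198.51.100.5", "GET", "shop.example.test", "/login", "ExampleCrawler/1.0", "200"],
    ["5.0", "C5", "192.0.2.20", "198.51.100.5", "GET", "shop.example.test", "/", "Mozilla/5.0 (constructed)", "200"],
    ["6.0", "C6", "192.0.2.20"],  # truncated row, as seen when a capture is cut off
]
SAMPLE_HTTP_LOG = "\n".join(
    ["#separator \\x09", "#fields\t" + "\t".join(_COLS)]
    + ["\t".join(r) for r in _ROWS]
    + ["#close\t2024-01-01-00-00-00"])


def parse_zeek_tsv(text):
    """Return one dict per record, keyed by the names on the #fields line."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip():
            continue  # other header and footer lines, blank lines
        elif fields is None:
            raise ValueError("data row before #fields header")
        else:
            values = line.split("\t")
            if len(values) != len(fields):
                continue  # skip truncated or malformed rows
            records.append(dict(zip(fields, values)))
    return records


def count_by(records, field, where=None):
    """Count values of one field, optionally only for records matching `where`."""
    where = where or {}
    return Counter(r[field] for r in records
                   if field in r and all(r.get(k) == v for k, v in where.items()))


if __name__ == "__main__":
    recs = parse_zeek_tsv(SAMPLE_HTTP_LOG)
    print("HTTP requests:", len(recs))
    top_ip, hits = count_by(recs, "id.orig_h").most_common(1)[0]
    print("busiest client:", top_ip, hits)
    print("its user agents:", dict(count_by(recs, "user_agent", {"id.orig_h": top_ip})))
    print("its status codes:", dict(count_by(recs, "status_code", {"id.orig_h": top_ip})))
```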