Act 3 - SANS HHC 2024

A collection of my writeups for the 2024 edition of the SANS Holiday Hack Challenge (HHC). HHC is a free series of fun, quality, hands-on cybersecurity challenges.

Elf Stack

In Elf Stack SIEM, we help a North Pole elf investigate a cyberattack by the Wombley faction. In Silver, we analyze logs to uncover key insights like event counts and sources, using Python and pandas. Gold dives deeper, exploring phishing emails and reindeer-related domains to trace the attackers. By scripting smart queries, we piece together the attack chain, earning both medals and restoring order to the North Pole’s systems!

Santa Vision

In Santa Vision, we assist Ribb Bonbowford in reclaiming the Santa Broadcast Network (SBN) from Wombley’s control. For the silver medal, we identify admin credentials hidden in the portal’s HTML, log in, and explore MQTT topics for valuable information. To earn gold, we uncover secrets in HTTP headers and retrieve additional user credentials to dig deeper into the northpolefeeds, ultimately restoring the holiday cheer and earning both medals!