Getting Started with CTF Data
Cado provides a short Capture the Flag (CTF) data set to help you get familiar with the Cado platform. A walkthrough of the data is available here.
How to get started
- Create a new project.
- Navigate to the Help page and click “Import CTF data”. The import will take a few minutes.
- Open the project and start investigating.
Scenario
AWS GuardDuty raised a notification that an instance in our AWS account was accessing a known Bitcoin mining address.
We imported the AWS GuardDuty logs, plus a disk image of the instance in question. The original image file was over 8 GB in size. For the purposes of this Capture the Flag, though, we reduced it to around 30 MB.