_jibba_
Security Operations Analyst
Level 20 116002 / 141259
*Rankings computed based on core modules (109885 pts).
Joined in March, 2023
_jibba_ earned 16 badges
HopsNStuff
This analyst completed the "HopsNStuff" module, investigating a cyber attack through the analysis of endpoint process events and command-line activities. They demonstrated skills in identifying anomalous file behavior by using Kusto Query Language (KQL) to uncover malicious activities. The investigation highlighted their ability to analyze and deobfuscate malicious PowerShell commands, effectively identifying and responding to data exfiltration techniques.
Issued on: Jun 05, 2023
Dai Wok Foods
This analyst completed the "Dai Wok Foods" module. They demonstrated skills in detecting phishing attempts, analyzing email logs, and using Passive DNS for domain analysis. This proficiency is vital for countering threat actor tactics and protecting organizational assets.
Issued on: Jun 09, 2023
Balloons Over Iowa
This analyst completed the "Balloons Over Iowa" module, investigating a phishing and ransomware attack. They identified command and control connections, detected data exfiltration, analyzed Mimikatz activity, and observed shadow copy deletions, demonstrating their ability to effectively respond to and analyze cyber threats.
Issued on: Jun 09, 2023
Super Fan
This badge is issued to any KC7 player who has completed 3 modules or more!
Issued on: Jun 09, 2023
Castle & Sand
This analyst investigated an easy-level ransomware scenario by identifying adversaries' reconnaissance activities, analyzing themed phishing emails, and tracking ransomware deployment and impact. They used the Kusto Query Language (KQL) to analyze intrusion data and build an understanding of the ransomware attack lifecycle.
Issued on: Jun 11, 2023
Helping Hand
This award is community-nominated! Someone in the KC7 community has recognized this user for their contributions to others!
Issued on: Jun 12, 2023
Krusty Krab
This analyst completed the "Krusty Krab" module, investigating a phishing attack and data exfiltration. They used Kusto Query Language (KQL) to analyze email and network logs, revealing the use of deceptive email addresses and malicious domains. This exercise emphasized their ability to pivot and connect malicious domains to threat actor behavior, showcasing their proficiency in threat detection and analysis.
Issued on: Sep 27, 2023
Envolve Labs
This analyst completed the "Envolve Labs" module. They demonstrated skills in using Kusto Query Language (KQL) in their investigation that included identifying phishing campaigns, analyzing command-line activities, and uncovering credential theft and data exfiltration. They also learned to cluster and attribute attacks to specific threat actors, connecting malicious domains and email addresses to threat actor behavior.
Issued on: Sep 27, 2023
World Domination Nation
This analyst completed the "World Domination Nation" module, investigating a sophisticated cyber attack on WDN Consulting. They used Kusto Query Language (KQL) in an investigation that covered lateral movement, credential dumping, system configuration modifications, and full domain compromise. This exercise reinforced their ability to effectively detect, analyze, and respond to complex cyber threats.
Issued on: Oct 06, 2023
Spooky Sweets
This analyst completed the "Spooky Sweets" module, investigating the staging and compressing of files for exfiltration of intellectual property. Skills gained include identifying early indicators, mitigating damage, and enhancing detection. This exercise highlighted their ability to respond to sophisticated cyber intrusions by leveraging knowledge of attacker behavior and TTPs.
Issued on: Oct 28, 2023
Sunlands ☀️🚀🧑🚀
This analyst investigated a sophisticated cyber attack on the Sunlands Aeronautics and Space Administration (SASA). They demonstrated advanced skills in detecting phishing attacks, analyzing malicious file downloads, and uncovering command and control infrastructure and persistence mechanisms. This exercise showcased their ability to respond to advanced cyber threats using threat actor tactics, techniques, and procedures (TTPs).
Issued on: Nov 05, 2023
Scholomance
This analyst completed the "Scholomance" module, which focused on threat hunting with a threat intelligence-driven investigation. Using Kusto Query Language (KQL), they reinforced their skills in threat detection, anomaly identification, and data correlation.
Issued on: Feb 10, 2024
A Storm Is Brewing In the Lab
This analyst investigated a complex scenario in the "A Storm Is Brewing In the Lab" module using Synapse, a platform from The Vertex Project. They utilized threat intelligence and Storm Query Language to guide their investigation, demonstrating skills in leveraging advanced tools and integrating threat data to uncover and understand security threats.
Issued on: Feb 10, 2024
MCJ Walker
This analyst completed the "MCJ Walker" module, demonstrating mastery of advanced investigative skills. They used Kusto Query Language (KQL) in an investigation that covered a sophisticated password spray attack, lateral movement via RDP, and full domain compromise. This exercise showcased their expert-level ability to respond to advanced cyber threats by leveraging in-depth knowledge of threat actor tactics, techniques, and procedures (TTPs).
Issued on: Apr 27, 2024
VirusTotal Fundamentals
This analyst completed the "VirusTotal Fundamentals" module, which focused on using VirusTotal for comprehensive threat analysis. They demonstrated the ability to pivot around datasets, utilizing file hashes, domains, and IP addresses to uncover and correlate threats. This exercise reinforced their skills in leveraging VirusTotal's capabilities for detecting malicious activity and understanding the interconnections between various threat indicators.
Issued on: Jun 26, 2024
_jibba_ played 36 games
Private Module 1320/1320
Private Module 1910/1910
Private Module 2460/2460
Balloons Over Iowa 4405/4405
Private Module 0/4405
Envolve Labs: With a twist! 950/950
HopsNStuff 14265/14265
KRUSTY KRAB 7360/7360
Dai Wok Foods 11600/11600
Castle & Sand 13050/13050
DAILY7 🌎🌟 1781/4126
Private Module 57/57
World Domination Nation 8220/8220
MCJ Walker 15265/15265
Sunlands 8437/8437
Spooky Sweets 7640/7640
Scholomance 5640/5640
A Storm Is Brewing In the Lab 5670/5670
Private Module 0/12900
Private Module 0/10
A Scandal in Valdoria 🌟 20/2430
Inside Encryptodera 10/3990
Private Module 0/3390
AzureCrest - The full version 0/8790
System Shutdown at Azure Crest! (Short Version) 700/4800
A Rap Beef (START HERE) 0/950
Private Module 140/1710
VirusTotal Fundamentals 2620/2620
Private Module 100/610
Titan Shield (with Microsoft Defender XDR) 60/4000
Private Module 0/10920
Frognado in Valdoria 0/1690
A Rap Steak 2000/19010
Critical Compromise In Chicago - ICS 150/2870
Private Module 130/2040
Private Module 0/2080
Issue Badge to _jibba_
# | Badge | Description |
---|---|---|
1 | Advanced Persistent Analyst | Someone who failed, got up, and tried again! |
2 | Notre Dame Challenge | Completed the cybersecurity challenge event at Notre Dame in June 2023 |
3 | Cyber Challenge Series: Team Winner | This badge is issued to KC7 players who were members of a team that placed top 3 in a Blue Team Cyber Challenge event! |
4 | Most Improved | Someone who really improved over the course of a KC7 event! |
5 | Cyber Challenge Series: Winner | This badge is issued to KC7 players who placed top 3 (as an individual) in a Blue Team Cyber Challenge event! |
6 | 30 day hot steak | Awarded to a user who has answered a question for 30 days in a row. |
7 | 90 day streak | Awarded to a user who has answered a question for 90 days in a row. |
8 | Inside Encryptodera - Event Participant | Participant in the February 2024 monthly event featuring the Encryptodera module |
9 | The Teacher | Someone who really helped lift up their peers and enabled others to learn! |
10 | Bright Future | Someone who shows a lot of potential as a future cyber analyst! |
11 | Azure Crest | This analyst investigated a ransomware attack, where cost-cutting measures led to a single point of failure in their systems. This exercise highlighted the risks associated with prioritizing cost over security and reinforced skills in identifying vulnerabilities and understanding the broader implications of inadequate security measures in a healthcare context. |
12 | 2024 SANS New2Cyber CTF Participant | This badge has been awarded to those who took part in the 2024 SANS New2Cyber x KC7 Capture The Flag (CTF) challenge, which involved investigating a ransomware attack on a hospital. |
13 | 60 day streak | Awarded to a user who has answered a question for 60 days in a row. |
14 | 120 day streak | Awarded to a user who has answered a question for 120 days in a row! |
15 | Intro Master |