Retired Blue Team Lab Walkthrough | BTLO: THE KEY | Digital Forensics

Welcome to BTLO Replay, a video series that will take you through retired BTLO labs. Videos posted every Friday at 6pm BST (UTC+1).

This week’s investigation is THE KEY, a hard digital forensics lab.

Difficulty: Hard

THE KEY scenario:

Peter, a programmer by profession, was always fascinated by superhero movies from his childhood. He started a secret project at work without informing his boss. Peter stored all the project files in his cloud account. His boss came to know about Peter’s secret project and asked the security team to investigate Peter’s laptop. But here comes the real headache: Peter’s secret drive is encrypted!

Investigate the disk to help the boss to find the encryption key and Peter’s cloud credentials.

0:00 – Introduction
0:51 – Scenario
2:15 – Question 1
9:39 – Question 2
13:25 – Question 3
16:24 – Question 4
19:46 – Question 5
25:26 – Question 6
29:46 – Question 7
31:16 – Question 8
32:38 – Question 9
37:18 – Question 10
39:26 – Question 11
50:26 – Question 12
50:32 – Question 13
51:41 – Question 14
56:01 – Question 15
56:15 – Question 16
57:24 – Summary
--
Powered by global blue team training provider, Security Blue Team, BTLO is a gamified platform for defenders to sharpen their skills during engaging security investigation and challenge scenarios.

The BTLO Replay series takes viewers through walkthroughs of retired labs. Visit the BTLO website to take on these challenges for yourself and discover new labs launching regularly.

SUBSCRIBE:    / @blueteamlabsonline  
WEBSITE: https://blueteamlabs.online
DISCORD:   / discord  
TWITTER:   / bluelabsonline  
LINKEDIN:   / blue-team-labs-online