BTLO Replay: COUNTDOWN | Digital Forensics Lab Walkthrough

Welcome to BTLO Replay, a video series that will take you through retired BTLO labs. Videos posted every Friday at 6pm BST.

This week’s lab is COUNTDOWN, a digital forensics investigation that utilizes tools and platforms such as Windows File Analyzer and Autopsy®.

Difficulty: Medium

The COUNTDOWN scenario:

NYC Police received information that a gang of attackers has entered the city and is planning to detonate an explosive device. Law enforcement have begun investigating all leads to determine whether this is true or a hoax.

Persons of interest were taken into custody, and one additional suspect named ‘Zerry’ was detained while officers raided his house. During the search, they found one laptop, collected the digital evidence, and sent it to the NYC digital forensics division.

Police believe Zerry is directly associated with the gang and are analyzing his device to uncover any information about the potential attack.

Disclaimer: The story, all names, characters, and incidents portrayed in this challenge are fictitious and any relevance to real-world events is completely coincidental.

0:00 – Scenario and introduction
3:27 – Investigation files
3:48 – Hints
4:20 – Question 1
5:40 – Question 2
16:08 – Question 3
21:27 – Question 4
24:00 – Question 5
28:40 – Question 6
32:23 – Question 7
40:25 – Summary

--

Powered by global blue team training provider, Security Blue Team, BTLO is a gamified platform for defenders to sharpen their skills during engaging security investigation and challenge scenarios.

The BTLO Replay series takes viewers through walkthroughs of retired labs. Visit the BTLO website to take on these challenges for yourself and discover new labs launching regularly.

SUBSCRIBE: / @blueteamlabsonline
WEBSITE: https://blueteamlabs.online
DISCORD: / discord
TWITTER: / bluelabsonline
LINKEDIN: / blue-team-labs-online
