Tomcat Takeover is a blue team lab that falls under the Network Forensics category and will cover the following subjects: Wireshark, NetworkMiner, Reconnaissance, Execution, Persistence, Privilege Escalation, Credential Access, Discovery, Command and Control.
Learning Objectives
Analyze network traffic using Wireshark's custom columns, filters, and statistics to identify suspicious web server administration access and potential compromise.