XXE Infiltration

XXE Infiltration is a blue team lab in the Network Forensics category. It covers the following subjects: Wireshark, Brim, Reconnaissance, Initial Access, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Collection, Exfiltration.

Learning Objectives

Analyze PCAP data using Wireshark to identify XXE vulnerabilities, extract compromised credentials, and detect web shell uploads for persistence.

Categories: Network Forensics.

MITRE ATT&CK Tactics: Reconnaissance, Initial Access, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Collection, Exfiltration.

Tools: Wireshark, Brim.

Difficulty: easy.