CDSA Preparation

By working through realistic defensive scenarios and hands-on challenges, participants will strengthen their ability to detect, analyze, and respond to security incidents with confidence.

Hack The Box

| HTB Machine | Difficulty | Walkthrough | Notes |
| --- | --- | --- | --- |
| Unit42 | Very Easy | | Using Sysmon logs / Windows event analysis / "backdoored UltraVNC" malware for persistence and initial access. |
| Campfire-1 | Very Easy | | Kerberoasting attack via AD logs and Prefetch/events. |
| Recollection | Easy | | Memory forensics analysis in Windows 7; obfuscated PowerShell; abandoned "passwords.txt" file; clipboard/history analysis. |
| RogueOne | Easy | | Memory forensics; malicious process identification; C2; netscan analysis of dumps. |
| LogJammer | Easy | | Log analysis (Security, System, Defender, Firewall, PowerShell); changes to firewall rules; scheduled tasks; log cleanup. |
| Trojan | Easy | | Memory analysis with Volatility 3; malicious ZIP file; installation of recovery software; investigation of a compromised workstation. |
| Tracer | Easy | | Use of PsExec lateral movement; Prefetch analysis; “PsExeSvc” service; execution counting; endpoint forensics. |
| ReliableThreat | Medium | | Exploitation of a malicious VSCode extension → reverse shell; COM hijack for persistence. |
| Jinkies | Medium | | Investigation using “LiveResponse / TriageData” artifacts; analysis of folder sharing, use of process logs/registry; OSINT element. |
| Detroit Becomes Human | Hard | | Malware via social-media link → execution of malicious installer → staging in “C:\Program Files (x86)\Google\Install\” → script execution → forensic analysis of event logs and PowerShell. |
| Streamer | Hard | — | — |
