Video walkthrough for retired @HackTheBox (HTB) Forensics challenge "Event Horizon" [easy]: "Our CEO's computer was compromised in a phishing attack. The attackers took care to clear the PowerShell logs, so we don't know what they executed. Can you help us?" - Hope you enjoy 🙂
Sign up for HackTheBox: https://htb-signup.cryptocat.me
↢HackTheBox↣
https://app.hackthebox.eu/challenges/158
👷♂️Resources🛠
https://cryptocat.me/resources
↢Chapters↣
Start - 0:00
Explore logs - 0:40
Move to CommandoVM - 3:40
Analyse Powershell logs - 5:25
Decode with CyberChef - 8:25
