Web Security Investigation

Scenario Overview

A web server has been compromised. The SOC has collected logs and network traffic from the duration of the attack. Your job is to reconstruct the attacker's timeline.

You will need to utilize Linux command-line tools to analyze the web server logs, and Wireshark to dissect the packet capture. Navigate through the 3 phases on the left menu to extract the forensic artifacts.