From the course: Kali Purple Essential Training
Join today to access over 23,400 courses taught by industry experts.
A tour of Cyberville with Malcolm - Purple Tutorial
From the course: Kali Purple Essential Training
A tour of Cyberville with Malcolm
Cyberville is a simulated cyber attack exercise created for the 2020 SANS ICS Virtual Conference, capture the flag event. And the associated log capture has been made available for use. This Cyberville PCAP file is available in your exercise folder, and I've already copied it into the Malcolm VM. So let's upload it into the Malcolm system and take a look at the attack. We can select Applications, Internet, Malcolm - Upload. And enter our credentials. And we get the pcap upload screen. We'll select "Add files" and we'll add the Cyberville pcap. This now appears in the list of files to import. This pcap file will be given the default tag Cyberville. We can add more tags to all the logs at this stage if we wanted, but we don't, so we'll leave this blank. We'll check analyze with Suricata Carter and analyze with Zeek. But we don't need to extract Zeek analysis to an external file, so we'll leave this blank as well, and we'll start the upload. Okay. That's done. Let's now go directly to…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.