Context: At 14:00h server time, our WAF detected anomalies on the login portal. We suspect an attacker successfully extracted the database using SQL injection.
Your Mission: Analyze the web server (Apache) logs using the Splunk-style search. You must identify the exact attacker IP that submitted the malicious payload.
OBJECTIVE
Find the IP that executed the payload: ' OR 1=1 --
Search Tips: You can perform free-text search (e.g., login) or use key:value pairs (e.g., status:500 or ip:192.168.1.1).
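The same hunt done offline, as an added example that is not part of the lab: it parses Apache access log lines, URL-decodes the request path, and reports the source IP of any request carrying the tautology from the objective. The log lines are constructed samples using documentation IP ranges, and the function names, the combined log format, and the payload appearing in the request path are assumptions.

```python
import re
from urllib.parse import unquote_plus

# Assumed Apache combined log format; captures ip, time, method, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "(?P<ua>[^"]*)")?'
)

# The tautology from the objective, tolerant of case and spacing.
SQLI_RE = re.compile(r"'\s*or\s+1\s*=\s*1\s*--", re.IGNORECASE)

# Constructed sample lines (documentation IP ranges), not data from the lab.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2024:13:58:02 +0000] "GET /login HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2024:13:59:40 +0000] "GET /login?user=alice&pass=x HTTP/1.1" 401 512 "-" "Mozilla/5.0"
203.0.113.45 - - [12/Mar/2024:14:00:11 +0000] "GET /login?user=admin%27%20OR%201%3D1%20--&pass=x HTTP/1.1" 200 8841 "-" "curl/8.4.0"
203.0.113.45 - - [12/Mar/2024:14:00:15 +0000] "GET /login?user=admin%2527+oR+1=1+--+ HTTP/1.1" 200 8841 "-" "curl/8.4.0"
192.0.2.10 - - [12/Mar/2024:14:01:30 +0000] "GET /search?q=1%3D1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

def decode_path(path, rounds=2):
    """URL-decode `rounds` times so double-encoded payloads are also seen."""
    for _ in range(rounds):
        path = unquote_plus(path)
    return path

def find_sqli_hits(log_text):
    """Return (ip, time, status, decoded_path) for each request carrying the tautology."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        decoded = decode_path(m["path"])
        if SQLI_RE.search(decoded):
            hits.append((m["ip"], m["time"], m["status"], decoded))
    return hits

def attacker_ips(log_text):
    """Distinct source IPs of matching requests, in first-seen order."""
    return list(dict.fromkeys(hit[0] for hit in find_sqli_hits(log_text)))

if __name__ == "__main__":
    for hit in find_sqli_hits(SAMPLE_LOG):
        print(*hit, sep=" | ")
```

Apache does not log POST bodies by default, so a payload submitted in a form body would not appear in the access log and would need WAF or application logs instead.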
Result columns: Time, IP, Method, Path, Status, User-Agent