Detection and Analysis of Web Shell Activity Through Network Traffic

This analysis was conducted in a simulated lab environment for learning purposes. Executive Summary Analyzing internal private IPs that began scanning other internal systems. I found this network activity suspicious when one internal private IP perfo...