HTB: Windows Infinity Edge

Writeup for the hard level forensic challenge “Windows Infinity Edge” found here

Challenge description: A motivated APT group has breached our company and utilized custom tooling. We’ve identified the implants on compromised systems and remediated the infection using advanced AntiVirus X. However, one server seems clean but has been exhibiting suspicious traffic. Can you spot something we could have missed while cleaning this system?

Will release this once the challenge is retired as per guidelines

Message me on Discord or email me for tips/help with the challenge!