top of page

Operation Phoenix Fire



The hacker group Gh0St pR0toc0l, a suspected state-actor, has been causing problems for Space Force systems, doing everything from DoS attacks on ground stations to ransomware attacks on our system backups. Follow the steps below to take them down!

Phase 1: OSINT

We found an entry vector into their servers, but it's password protected and we have no real leads on what the password might be. We need to use Open Source Intelligence to find more information on the group that might lead to a password. Use tools such as search engines and Google search commands to help narrow down the information!

Hint: filter the Google results by the domain

bottom of page