Skip to main content
VPN Brute Force: Credential Attack on the Remote-Access Portal operation cover
COMING SOONBeginner

VPN Brute Force: Credential Attack on the Remote-Access Portal

A password-spray campaign targets the Halcyon Freight SSL-VPN portal from two rotating source IPs, submitting credentials across many accounts to stay under per-account lockout thresholds. One account eventually matches. Reconstruct the spray, identify the compromised account and the operator IP that opened the active session, and trace the first move the attacker made over the tunnel.

25m
6 tasks
25 points
Free

Launches tomorrow

Jul 3, 2026

Friday, July 3, 2026 at 9:00 AM

Create your free account

Be ready the moment it drops — free forever.

Training Tools

SIEMFirewall

What you'll investigate

6 objectives unlock when this operation goes live.

1Identify the attack pattern in the VPN logs
2Determine how many accounts were targeted
3Find the account where the spray succeeded
4Identify the IP that opened the active session
5Trace the movement over the tunnel
6Classify the access technique

Be first when it launches

Create your free account now. The moment this operation goes live on Jul 3, 2026, you can jump straight in — and you'll have the rest of the catalog to train on meanwhile.

Get Started Free

No credit card required — free forever