Back to Labs Week 03

Vulnerability Assessment, Correlation, and Prioritization Run Output and Evidence

This page is generated from the AWS Linux blind-trial run evidence. The terminal transcript below is the actual output rendered into the matching screencast MP4, so instructors can compare the Response HTML and video without guessing.

Screencast match: The section named Run Script Output Shown In Screencast is copied from docs/final/lab-material/screencasts/phase03-lab-screencast-20260517T154718Z.cast. Its SHA-256 is 1c8e0ce6e1c4da9bcf8fd5c58f7b287183bf7d76e30396354523eb4fcb15dfb0. The public video is /downloads/labs/screencasts/phase03-lab-screencast.mp4.

Public Run Script /downloads/labs/scripts/run-week03-lab.sh

Screencast MP4 /downloads/labs/screencasts/phase03-lab-screencast.mp4

Recorded Exit Code 0

MP4 Duration 18.000000 seconds

Transcript Bytes 1219

Screencast Manifest Generated 2026-05-17T16:13:17Z

Run Script Output Shown In Screencast

This is the recorded terminal output for Week 03. It is intentionally verbatim so it can be checked against the MP4 screencast.


===== Phase 3: vulnerability triage and scan evidence =====
200
phase03-scan-detail GET /v1/scans/fbc50d99-7b45-4568-afda-3d807bc8e3cd -> HTTP 200
[
  "data",
  "status"
]
200
phase03-threat-intel GET /v1/analytics/threat-intel/fbc50d99-7b45-4568-afda-3d807bc8e3cd -> HTTP 200
[
  "data",
  "status"
]
200
phase03-reputation GET /v1/analytics/reputation/fbc50d99-7b45-4568-afda-3d807bc8e3cd -> HTTP 200
[
  "data",
  "status"
]
200
phase03-mitre GET /v1/analytics/mitre/fbc50d99-7b45-4568-afda-3d807bc8e3cd -> HTTP 200
[
  "data",
  "status"
]
0

Endpoint Status Output

These status files came from the same remote evidence bundle. They are listed separately so students can see which API calls completed successfully without publishing raw credential examples.

Evidence Status File	HTTP Status
`phase03-mitre.status`	200
`phase03-reputation.status`	200
`phase03-scan-detail.status`	200
`phase03-threat-intel.status`	200

Evidence Files Produced By The Run

The response page records the actual evidence inventory and file shapes from docs/final/lab-material/run-evidence/aws-8414-20260517T152520Z/remote-evidence/phase-json. JSON values that may contain credential examples are summarized rather than published raw.

File	Bytes	SHA-256 Prefix	Shape Or Safe Excerpt
`phase03-cve-lookup.json`	8204	`668d1d95550b0c7a`	object keys: results
`phase03-cve-search.json`	6896	`f98ffd6984b42ff2`	object keys: data, status
`phase03-default-cred-probe.txt`	24	`50faa2cc9ca9063c`	admin:12345 -> HTTP 401
`phase03-host-count.txt`	2	`9a271f2a916b0b6e`	0
`phase03-mitre.json`	10465	`9ae20d90622464a8`	object keys: data, status
`phase03-reputation.json`	1837	`94409d4c738ebc5b`	object keys: data, status
`phase03-scan-detail.json`	797	`a088b9cdeea3699b`	object keys: data, status
`phase03-threat-intel.json`	147	`8a520cbd2e0fa32f`	object keys: data, status