.png)
KQLSentinel
Firewall Warden
136 / 17213 XP to level 49
*Rankings computed based on core modules (54041 pts).
Joined in September, 2023
KQLSentinel earned 10 badges
Download Your Certificate!
You've completed games and earned badges! Click on any badge below to view and download your certificate!
Krusty Krab
This analyst completed the "Krusty Krab" module, investigating a phishing attack and data exfiltration. They used Kusto Query Language (KQL) to analyze email and network logs, revealing the use of deceptive email addresses and malicious domains. This exercise emphasized their ability to pivot and connect malicious domains to threat actor behavior, showcasing their proficiency in threat detection and analysis.
Issued on: Oct 05, 2023
World Domination Nation
This analyst completed the "World Domination Nation" module, investigating a sophisticated cyber attack on WDN Consulting. They used Kusto Query Language (KQL) in an investigation that covered lateral movement, credential dumping, system configuration modifications, and full domain compromise. This exercise reinforced their ability to effectively detect, analyze, and respond to complex cyber threats.
Issued on: Oct 05, 2023
Balloons Over Iowa
This analyst completed the "Balloons Over Iowa" module, investigating a phishing and ransomware attack. They identified command and control connections, detected data exfiltration, analyzed Mimikatz activity, and observed shadow copy deletions, demonstrating their ability to effectively respond to and analyze cyber threats.
Issued on: May 02, 2024
MCJ Walker
This analyst completed the "MCJ Walker" module, demonstrating mastery of advanced investigative skills. They used Kusto Query Language (KQL) in an investigation that covered a sophisticated password spray attack, lateral movement via RDP, and full domain compromise. This exercise showcased their expert-level ability to respond to advanced cyber threats by leveraging in-depth knowledge of threat actor tactics, techniques, and procedures (TTPs).
Issued on: Feb 27, 2025
Jojo's Hospital
This analyst completed the JoJo's Hospital module, investigating a cyber attack involving an Initial Access Broker and a Ransomware-as-a-Service (RaaS) operation. They demonstrated skills in detecting phishing and malvertising tactics, tracing unauthorized network access, understanding hacker collaboration, and analyzing ransomware activities.
Issued on: Jul 24, 2025
Rap Beef
This analyst investigated a themed scenario involving rival hip-hop artists. They used key cybersecurity skills to identify suspicious communications and activities, analyzing internal messages to track unauthorized exchanges and uncover patterns. This exercise reinforced critical skills in data analysis, threat detection, and the application of cybersecurity principles in unconventional contexts.
Issued on: Jul 08, 2025
Valdorian Times
This analyst investigated an email phishing attack in Valdoria that uncovered a politically motivated influence campaign. Using Kusto Query Language (KQL), they analyzed employee roles, email communications, and computer process events, revealing evidence of data exfiltration and manipulation. This exercise reinforced skill in querying data and understanding data integrity within a cybersecurity context.
Issued on: Jul 09, 2025
Clout Defender
This analyst unraveled a targeted phishing and social engineering attack against a rising influencer. Through OSINT, phishing analysis, and log forensics, they uncovered how personal details shared on social media were exploited to compromise her accounts. Using Kusto Query Language (KQL), they analyzed employee logs, inbound and outbound traffic, and passive DNS data to trace the attacker’s steps and infrastructure. This exercise strengthened skills in threat analysis, digital forensics, and understanding the real-world risks of oversharing online.
Issued on: Nov 26, 2025
Advanced Persistent Analyst
Someone who failed, got up, and tried again!
Issued on: Dec 02, 2025
.png)
Titan Shield
This analyst successfully investigated two highly sophisticated cyberattacks against TitanShield’s sensitive projects, demonstrating advanced investigative skills in identifying social engineering tactics, malicious file execution, and data exfiltration strategies. Using Kusto Query Language (KQL), they unraveled Moonstone Sleet's phishing campaign targeting Project Omega and Crimson Sandstorm’s romance scheme aimed at harvesting critical system and user information. This exercise reinforced skills in threat actor profiling, recognizing social engineering-based reconnaissance on social media, and assessing the broader security implications of protecting intellectual property in a high-stakes defense context.
Issued on: Dec 03, 2025
KQLSentinel played 18 games
Level 1: A Scandal in Valdoria 2430/2430
Level 1: Solvi Systems 0/2860
Level 1: A Rap Beef (START HERE) 950/950
Level 1: Jojo's Hospital 610/610
Level 1: Titan Shield (with Microsoft Defender XDR) 4000/4000
Level 1: Valdoria Votes 2750/2750
Level 1: CloutHaus 1170/1170
Level 2: HopsNStuff 4110/14265
Level 2: KRUSTY KRAB 7360/7360
Level 2: AzureCrest - The full version 8730/8790
Level 2: Frognado in Valdoria 0/1690
Level 3: Balloons Over Iowa 4405/4405
Level 3: Dai Wok Foods 8800/11600
Level 3: DAILY7 🌎 56/7017
Level 3: A Storm Is Brewing In the Lab 0/5670
Level 4: World Domination Nation 8220/8220
Level 5: MCJ Walker 450/15265
Pattern of Life
Issue Badge to KQLSentinel
| # | Image | Badge | Description | Action |
|---|---|---|---|---|
| 1 |  | Helping Hand | This award is community-nominated! Someone in the KC7 community has recognized this user for their contributions to others! | |
| 2 |  | Notre Dame Challenge | Completed the cybersecurity challenge event at Notre Dame in June 2023 | |
| 3 |  | KC7 Top 10 (2023) | Awarded to top 10 KC7 players in 2023 | |
| 4 |  | Cyber Challenge Series: Team Winner | This badge is issued to KC7 players who were members of a team that placed top 3 in a Blue Team Cyber Challenge event! | |
| 5 |  | Super Fan | This badge is issued to any KC7 player who has completed 3 modules or more! | |
| 6 |  | Most Improved | Someone who really improved over the course of a KC7 event! | |
| 7 |  | Cyber Challenge Series: Winner | This badge is issued to KC7 players who placed top 3 (as an individual) in an Blue Team Cyber Challenge event! | |
| 8 |  | 30 day hot steak | Awarded to a user who has answered a question for 30 days in a row. | |
| 9 |  | 90 day streak | Awarded to a user who has answered a question for 90 days in a row. | |
| 10 |  | Inside Encryptodera - Event Participant | Participant in the February 2024 monthly event featuring the Encryptodera module | |
| 11 |  | The Teacher | Someone who really helped lift up their peers and enabled others to learn! | |
| 12 |  | Bright Future | Someone who shows a lot of potential as a future cyber analyst! | |
| 13 |  | Azure Crest | This analyst investigated a ransomware attack, where cost-cutting measures led to a single point of failure in their systems. This exercise highlighted the risks associated with prioritizing cost over security and reinforced skills in identifying vulnerabilities and understanding the broader implications of inadequate security measures in a healthcare context. | |
| 14 |  | 2024 SANS New2Cyber CTF Participant | This badge has been awarded to those who took part in the 2024 SANS New2Cyber x KC7 Capture The Flag (CTF) challenge, which involved investigating a ransomware attack on a hospital. | |
| 15 |  | 60 day streak | Awarded to a user who has answered a question for 60 days in a row. | |
| 16 |  | 120 day streak | Awarded to a user who has answered a question for 120 days in a row! | |
| 17 | | Intro Master | ||
| 18 |  | Wiccon25 | You've participated to the WICCON25 workshop! You've successfully uncovered the full attack chain of a zombie themed ransomware. |