Not literally—but the network monitor blinked twice. A background process she hadn't launched was running. She checked the hash of the PDF against the one listed on the official syllabus. They didn't match.
She pulled up a hex editor and looked inside the file. Buried after page 83, in a nulled section of the PDF, was a PowerShell script wrapped in base64. It wasn't malware—not exactly. It was a beacon. A tiny, elegant script that pinged a command-and-control server with her machine's hostname, IP address, and a peculiar string: "Lab_user_7 – hashes cracked? Y/N" Not literally—but the network monitor blinked twice
The download took five seconds. The document opened—eighty-three pages of chain-of-custody forms, disk imaging protocols, and network packet analysis exercises. Perfect for her Monday morning class. They didn't match
Her forensic workstation flinched.