#Forensics

DFIR Investigation - DownUnderCTF 2022 Writeup

A digital forensics and incident response challenge on deobfuscating a C2 persistence PowerShell stager, using ActivitiesCache.db to reveal past user activities, and recovering resident data from the NTFS Master File Table.

Vault - IJCTF 2021 Writeup

A forensics category challenge on recovering TLS session keys from a packet capture, and decrypting TLS traffic tunnelled over ICMP (ping) through a SOCKS proxy, then recovering files from partial HTTP/2 requests.

Posted on Sun, Jul 25, 2021 · IJCTF 2021 · Forensics · Network Analysis

Chicken - UMassCTF '21 Writeup

Chicken Chicken Chicken: Chicken Chicken? A forensics category challenge all about extracting hidden streams in a PDF file and 7-Zip password cracking.

Posted on Mon, Mar 29, 2021 · UMassCTF'21 · Forensics · Password Cracking