Tag: Forensics
All posts tagged with "Forensics"
PCAP Command Hunter
🔍 PCAP Command Hunter Generate context-aware command-line snippets for hunting malicious activity in network captures. Describe what you’re …
Bitlocker 1
Description Jacky is not very knowledgeable about the best security passwords and used a simple password to encrypt their BitLocker drive. See if you …
Bitlocker 2
Description Author: Venax Jacky has learnt about the importance of strong passwords and made sure to encrypt the BitLocker drive with a very long and …
Event Viewing
A detailed writeup for the “Event Viewing” challenge from picoCTF, covering the analysis of Windows Event Logs to uncover hidden flags.
Ph4nt0m 1ntrud3r
Description Author: Prince Niyonshuti N. A digital ghost has breached my defenses, and my sensitive data has been stolen! 😱💻 Your mission is to …
RED
Description Author: Shuailin Pan (LeConjuror) Description RED, RED, RED, RED Download the image: …
CyberChef
CyberChef is a web app for analyzing and decoding data. It provides a wide range of tools for encoding, decoding, encrypting, decrypting, and …
TheHive - Security Incident Response Platform
Ref: Strangebee - Installation TheHive is a scalable, open-source Security Incident Response Platform (SIRP) designed to assist security teams in …
Disk, disk, sleuth! II
Description All we know is the file with the flag is named down-at-the-bottom.txt… Disk image: dds2-alpine.flag.img.gz …
Enhance!
Description Download this image file and find the flag. Download image file https://artifacts.picoctf.net/c/100/drawing.flag.svg Info This one was …
extensions
Description This is a really weird text file TXT? Can you find the flag? Info Looking at the file, it actually claims to be a PNG. So just change the …
File Types
Description This file was found among some files marked confidential but my pdf reader cannot read it, maybe yours can. You can download the file from …
hideme
Description Every file gets a flag. The SOC analyst saw one image being sent back and forth between two people. They decided to investigate and found …
Lookey here
Description Attackers have hidden information in a very large mass of data in the past, maybe they are still doing it. Download the data here. …
Milkslap
Description 🥛http://mercury.picoctf.net:16940/ Info Went to website: http://mercury.picoctf.net:16940/ Right Click and download image / html / css / …
Operation Oni
Description Download this disk image, find the key and log into the remote machine. Note: if you are using the webshell, download and extract the disk …
Operation Orchid
Description Download this image and find the flag. https://artifacts.picoctf.net/c/216/pico.flag.png Info gunzip disk.img.gz Mounted disk.img to /mnt …
Redaction gone wrong
Description Now you DON’T see me. This report has some critical data in it, some of which have been redacted correctly, while some were not. Can you …
Shark on wire 1
Description We found this packet capture. Recover the flag. …
SideChannel
Description There’s something fishy about this PIN-code checker, can you figure out the PIN and get the flag? Download the PIN checker program …
Sleuthkit Apprentice
Description Download this disk image and find the flag. Note: if you are using the webshell, download and extract the disk image into /tmp not your …
Sleuthkit Intro
Description Download the disk image and use mmls on it to find the size of the Linux partition. Connect to the remote checker service to check your …
So Meta
Description Find the flag in this picture. https://jupiter.challenges.picoctf.org/static/916b07b4c87062c165ace1d3d31ef655/pico_img.png Info First …
St3g0
Description Download this image and find the flag. https://artifacts.picoctf.net/c/216/pico.flag.png Info Zsteg from bash 9 lines …
Who is it
Description Someone just sent you an email claiming to be Google’s co-founder Larry Page but you suspect a scam. Can you help us identify whose …
