Let's Defend - WinRAR 0-Day

Description: It seems there are many cracks for a famous game, but it seems we downloaded the wrong one because it shows suspicious behavior, and we need you to investigate it. Tools Required: 1- Volatility3 2- Notepad++ 3- CyberChef 4- Exiftool | Metadata viewer. Writeup Q1: What is the suspected process? We got a memory dump and we need to locate the suspicious process, so let's use Volatility to go through this challenge....

August 28, 2023 · 3 min · MMOX

Let's Defend - Cl0p

Description: Our friend fell victim to a ransomware attack and reached out to seek your expertise in analyzing the system to uncover the cause of the breach. We have provided you with a memory dump of his computer as the starting point for your investigation. Tools Required: 1- Volatility 2- Notepad++ 3- VirusTotal or VM. Writeup Q1: What is the dump profile? Well, by checking the file we got, it's a memory dump, so we are going to use Volatility in this case for our investigations....

July 25, 2023 · 3 min · MMOX

Let's Defend - HTTP/2 Rapid Reset

Description: We are hosting a gallery website for public arts. We faced slowness issues; however, our deployment team decided to utilize HTTP/2, as when scrolling a webpage with multiple images, a web browser can cancel images that fall outside the viewport, meaning that images entering it can load faster. Everything went smoothly in our testing environment, but after going live with the new protocol, suddenly everything stopped working. We were able to capture the traffic from the web server. Can you help us figure out what happened?...

July 6, 2023 · 2 min · MMOX

Let's Defend - Linux Disk Forensics

Description: Dean downloaded a cracked software application from an unofficial source and subsequently discovered that his personal data has been leaked. An investigation is now underway to determine the cause of the data leak and mitigate any potential damage. Tools Required: 1- FTK Imager 2- Notepad++ 3- Scripting. Writeup Q1: What distribution system was used by the victim, including its version? Open the disk image in FTK Imager. Now we need to start investigating and find out the system and the version....

July 6, 2023 · 2 min · MMOX

Cyber Defenders - Sysinternals

Description: A user thought they were downloading the SysInternals tool suite and attempted to open it, but the tools did not launch and became inaccessible. Since then, the user has observed that their system has gradually slowed down and become less responsive. Challenge Link: https://cyberdefenders.org/blueteam-ctf-challenges/55 Supportive Tools: Registry Explorer, Event Log Explorer, AppCompatCacheParser, VirusTotal, Web Cache View, FTK Imager, Autopsy. Writeup Q1: What was the malicious executable file name that the user downloaded?...

April 15, 2023 · 3 min · MMOX