you sneakymonkey!

grrcon

A collection of 4 posts

grrcon

GrrCon 2017 DFIR write up - Level 1

#GrrCon 2017 #DFIR #CTF challenge. Several host images and memory dumps need to be analysed and investigated. Submit IOCs as you progress...

Mark Mark
ctf

GrrCon 2016 DFIR Write up - Part 3

Level 3 Question 16) What is the maldoc md5hash? Start by using FILESCAN and searching for documents .rtf, .doc, .docx etc... [email protected]:~# python volatility/vol.py -f /mnt/hgfs/Shared/Part3/ecorpwin7-e73257c4.

Mark Mark
grrcon

GrrCon 2016 DFIR Write up - Part 2

Level 2 Question 5) What is the password the malware used to enable remote access to the system? From the community Volatility section, download and call the 'editbox' plugin. Also, I didn't know,

Mark Mark
forensics

GrrCon 2016 DFIR Write up - Part 1

CTF homepage: https://ir.e-corp.biz/home. To start off, get Volatility or a prebuilt VM like SANS SIFT Workstation; they've recommended using the provided Security Onion image. Also, check out the community

Mark Mark
you sneakymonkey! © 2021