Accessing Alternate Data Streams on VMDK Images on Linux.
Review of Malware Data Science: Attack Detection and Attribution
My review of SEKTOR7 Institute's Red Team Operator, Windows Persistence course.
Configure a git repository's origin as SSH rather than HTTPS.
Abusing finger.exe to send data over the network
Windows Startup Folder locations.
Review of RED TEAM Operator: Malware Development Essentials Course by SEKTOR7 Institute.
A common question that new CTF players have is what kind of hardware and software they should bring to an event. I am writing this post to have general-purpose documentation to point people to. The main takeaways from this write-up: Know the rules of the event. You don't need anything fancy. Your laptop should probably be capable …
This is a write-up for "EZ crackme" by R3tr0BS: https://crackmes.one/crackme/5fcfb87933c5d424269a1afc This challenge came with two files: Readme.txt and run.exe. Readme.txt contained the following: so this is my first crackme, you need to use the password or..... do it your way, good luck, R3tr0. run.exe has a SHA-256 hash of 3bc592f4963add05a2d28bc469b5cd6ea00b973516ba1a1fccc10f1590f26152: % sha256sum run.exe 3bc592f4963add05a2d28bc469b5cd6ea00b973516ba1a1fccc10f1590f26152 run.exe …
I don't use Volatility as often as I'd like. Whenever I need to use it, I have to re-familiarize myself with the plugins and syntax. Here are some of the commands that I end up using a lot, and some tips that make things easier for me. Cheat Sheets and References Here are links to …
Quick and dirty way to get Volatility working on Ubuntu 20.04
Notes about Windows Sysinternals tools from a security point of view.