This is my writeup for Stonks, a Binary Exploitation puzzle put out for picoCTF 2021. This, along with many other Binary Exploitation puzzles, is available at play.picoctf.org. Stonks was not worth a lot of points compared to other challenges, so I figured it would be easy. Comparatively, the highest scoring puzzle in the Binary Exploitation …
Find malware running from temporary directories using procfs.
Find masquerading processes using procfs.
Using procfs For Forensics and Incident Response.
Install evil-winrm on Ubuntu 20.04
A quick overview of triage data acquisition in the context of attack/defend CTFs.
Some post exploitation techniques using gawk.
Accessing Alternate Data Streams on VMDK Images on Linux.
Abusing finger.exe to send data over the network
A common question that new CTF players have is what kind of hardware and software they should bring to an event. I am writing this post to have general-purpose documentation to point people to. The main takeaways from this write-up: Know the rules of the event. You don't need anything fancy. Your laptop should probably be capable …
Some notes and links related to the Volatility Framework
Quick and dirty way to get Volatility working on Ubuntu 20.04