Malicious LNK files.
picoCTF 2019 shark on the wire 2 Writeup
picoCTF 2019 shark on wire 1 Writeup
picoCTF 2019 WebNet1 Writeup
picoCTF 2019 WebNet0 Writeup
I was writing some PowerShell scripts to scan disks for certain types of malware and realized that Get-ChildItem was kind of slow. I googled around and found this site, which demonstrated using robocopy.exe and dir as faster alternatives to Get-ChildItem. Here were the results I had searching for LNK files on my disk using both …
Installing OLE Tools on Windows
Find malware running from temporary directories using procfs.
Find masquerading processes using procfs.
Using procfs For Forensics and Incident Response.
A quick overview of triage data acquisition in the context of attack/defend CTFs.
Accessing Alternate Data Streams on VMDK Images on Linux.