Techniques
Timeline Reconstruction
2 items with this tag
CTF Writeup (easy)
Whisper
Investigating unauthorized offensive activity on a corporate workstation through registry forensics, prefetch analysis, browser history, shellbag analysis, event log correlation, and SAM hash extraction with password cracking.
CTF Writeup (easy)
Packet Puzzle
Reconstructing a complete attack chain from a PCAP file: SYN scan detection, CVE-2024-4577 PHP CGI argument injection exploitation, PowerShell reverse shell reconstruction, and failed GodPotato privilege escalation analysis using tshark and capinfos.