Wargames.MY 2023 CTF – Compromised
zam As usual, start your CTF by read the question/description that indeed “very helpful” XD Download the “evidence.zip” & extract it. You’ll get the folders like below: So I randomly checked…
December 2023
Wargames.MY 2023 CTF – SeeYou
As usual, real the description given. It says that “a file” been “transferred” to another “internal computer“. So we know that this might involving traffic between 2 internal IPs. Download…
Extracting Quarantine Files from Windows Defender
Recently, I got an incident related to Windows Defender detected & quarantined file related to some backdoor. The MDE alert details show something like this: Usually, we go with the…