Protected: HackTheBox.eu – oBfsC4t10n (Forensics 60 points)
zam There is no excerpt because this is a protected post.
forensic
Protected: HackTheBox.eu – oBfsC4t10n2 (Forensics 70 points)
There is no excerpt because this is a protected post.
Protected: HackTheBox.eu – USB Ripper (Forensics 20 points)
There is no excerpt because this is a protected post.
HackTheBox.eu – Reminiscent (Forensics 40 points)
For this question, I use Volatility to solve it. You can try to use Volatility Workbench. For me, it seems like not working properly (or I’m just too noob to…
Shell hiding in image files
One day, we noticed strange GET request towards our JBoss server: From the request above, you’ll quickly noticed that this attack leveraging Apache Struts vulnerability from CVE-2017-5638. The request tried…
Installing bulk_extractor on Mac OS X
All reference is taken at here: https://github.com/simsong/bulk_extractor/wiki/Installing-bulk_extractor bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without…
Dionaea simple analysis
For this analysis, we’ll using Python3 that bundled with Dionaea: Running command above will open a Python console. Enter the code below line by line: It will produce test.bin file…
Script to install Thug honeypot on Ubuntu 12.04
Thug is a Python low-interaction honeyclient aimed at mimicking the behaviour of a web browser in order to detect and emulate malicious contents. It based on Python + V8 JS…
Diskscrub – Erase your drive until unable to recover
scrub overwrites hard disks, files, and other devices with repeating patterns intended to make recovering data from these devices more difficult. Although physical destruction is unarguably the most reliable method…