booting malicious script found via memory forensics analysis
Post
Honeypot
Honeypot memory dump forensics analysis
Mr Snowy
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: pwn PTS: 300 Description: There is ❄️ snow everywhere!!…
Toy Management
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: web PTS: 300 Description: the evil elves have changed…
Toy Workshop
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: web PTS: 300 Description: The work is going well…
Giveaway
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: Forensics PTS: 300 Description: Santa’s SOC team is working…
Elf Directory
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: Web PTS: 300 Description: Can you infiltrate the Elf…
Baby APT
Event: Cyber Santa is Coming to Town – 2021 HackTheBox Category: Forensics PTS: 300 Description: This is the most wonderful…
Malware endpoints tracking
Tracking compromised endpoints is fundamental to preventing infections and the spread of malware. Here is a simple visualization tool.
JavaScript – C&C
A JavaScript remote command-and-control virus used for information exfiltration, with everything hidden under a couple of levels of obfuscation.