write ups

Cyber Security Rumble 2022


In this challenge we are given a file that ends up being a signal capture that is analyzed by SigRok PulseView.

Nahamcon 2023

IR Challenge

The author of this challenge presents us with a virtual machine that has been compromised by ransomware.

There are five stages starting by finding hidden files left on the machine, uncovering how the ransomware was placed on the machine, making sense of the obfuscated PowerShell script, identifying the exfiltration site, and reversing the malware’s encryption.