write ups

Nahamcon 2023

IR Challenge

The author of this challenge presents us with a virtual machine that has been compromised by ransomware.

There are five stages starting by finding hidden files left on the machine, uncovering how the ransomware was placed on the machine, making sense of the obfuscated PowerShell script, identifying the exfiltration site, and reversing the malware’s encryption.


Nahamcon 2022

A Wild Ride

We are given a password protected .zip file that needs hashed with zip2john and then cracked with John The Ripper. Inside are some gps tracker data that needs stitched together to show the flag written on a map.

Cyber Security Rumble 2022


In this challenge we are given a file that ends up being a signal capture that is analyzed by SigRok PulseView.