forensic

Writeup: Timbershade - TRAFFIC ANALYSIS EXERCISE

I had already solved one exercise from @malware_traffic's website about network traffic related to malware infections. I have been slow to pick a new exercise from the very long list but I chose Timbershade and it was a lot of fun! Short one, but learned a lot once again.
Malware Traffic Analysis
@malware_traffic's blog has a lot of knowledge so I highly recommend bookmarking it somewhere. The real treasure is of course the amazing exercises page. Depending on the exercise, you get a pcap and other files. The pcap file is a traffic capture which we can analyse in Wireshark and find out where things went wrong! Being able to effectively analyse traffic is a very important skill for the security of any organisation.

Writeup: TRAFFIC ANALYSIS EXERCISE

Found the great website of @malware_traffic about network traffic related to malware infections. This is a subject that interests me a lot so I thought I would give the exercises a try and see if I can find something!
Malware Traffic Analysis
@malware_traffic's blog has a lot of knowledge so I highly recommend bookmarking it somewhere. The real treasure is of course the amazing exercises page. Depending on the exercise, you get a pcap and other files. The pcap file is a traffic capture which we can analyse in Wireshark and find out where things went wrong! Being able to effectively analyse traffic is a very important skill for the security of any organisation.

i18 Challenge - Part 2

Here is the second part of the i18 CTF with 4 more challenges. This time I learned about Reverse Engineering, DNS lookup, more RE, and finally some steganography that ended up not working.
5: Lett fluidmekanikk
An executable file. Clue one: The program also accepts the password as an argument. Clue two: The password exists (perhaps) in a dictionary.
We get an executable file asking for a password. Enter the wrong one and it quits. I’m a complete beginner in Reverse Engineering but I have enjoyed a few tutorial videos so let’s jump right in with Immunity. When you open the file, right click View module ‘crackme’.

i18 Challenge - Part 1

I was given the link to this CTF that ran back in 2015, and I thought I would take the opportunity to start writing about my thought process using these challenges. If you want to try for yourself, the link is at the beginning of the post.
The i18 has 13 challenges that you can find at this address. This CTF is in Norwegian, but has a very small amount of text so Google Translate is more than enough, but I will translate the text and clues to English here. This is the first part of my writeup where I will do the first 4 challenges. It is very possible that I will make mistakes or take a longer path to the flag, so if you have any recommendations or corrections, feel free to contact me by email or Twitter.

Pentesting tools

This page will be a completely chaotic list of tools, articles, and resources I use regularly in Pentesting and CTF situations. My goal is to update this list as often as possible with examples, articles, and useful tips. It will serve as a reference for myself when I forget things and hopefully help others discover tools that they haven’t used. If you know of more tools or find a mistake, please contact me on Twitter or by email (links above).