tl;dr

• Reverse to find unique function not containing bad stack canary
• Libc leak using format string vulnerability in printf
• ROP chain to get shell

tl;dr

• Chrome extension debugging and exploitation
• Leaking flag byte by byte using css injection

tl;dr

• Analysis of different types of malware in a linear storyline
• Windows timelining
• Analysis of Rootkit, Ransomware, C2 Framework, Process Hollowing, Persistence, and more

tl;dr

• appending same bytes to an existing collision results in a collision as well
• reusing nonce leads to secret leak

tl;dr

• Timing-based attack on the double-and-add algorithm to recover secret value d
• Predict pseudo-random value using the NSA backdoor on Dual_EC_DRBG

tl;dr

• Challenge 2 of Batman Investigation series
• Ransomware Investigation
• Rust based Ransomware Analysis with process dump analysis to recover the randomly generated decryption vector and windows malware analysis
• Recovering from a ransomware attack

Full detailed writeup for ReAL-File-System which is centered around ReFS Log Analysis.

tl;dr

• Disk Forensics
• Resilient File System
• Log Analysis

tl;dr

• Registry Hives analysis
• Analyse Chrome browser artifacts
• Analyse Slack artifacts
• Analyse AnyDesk artifacts
• Analyse artifacts for evidence of execution
• Analyse clipboard artifacts

tl;dr

Image gallery 1

• Get xss by uploading index.html in public dir
• Use bf cache to get the flag.

Image gallery 2

• Slice files.js using nginx partial caching.
• Use Subresource Integrity to load the right script
• Use DOM clobbering and Cache probing to leak the flag uuid

Full solution of Batman Investigation II - Gotham Underground Corruption from bi0sctf 2024

tl;dr

• Challenge 1 of Batman Investigation series
• Memory Forensics - WinDBG Dump Debugging - Malware Analysis - Incident Response - Threat Hunting