tl;dr
- Reverse to find unique function not containing bad stack canary
- Libc leak using format string vulnerability in printf
- ROP chain to get shell
tl;dr
- Chrome extension debugging and exploitation
- Leaking flag byte by byte using css injection
tl;dr
- Analysis of different types of malware in a linear storyline
- Windows timelining
- Analysis of Rootkit, Ransomware, C2 Framework, Process Hollowing, Persistence, and more
tl;dr
- appending same bytes to an existing collision results in a collision as well
- reusing nonce leads to secret leak
tl;dr
- Timing-based attack on the double-and-add algorithm to recover secret value
d - Predict pseudo-random value using the NSA backdoor on Dual_EC_DRBG
tl;dr
- Challenge 2 of Batman Investigation series
- Ransomware Investigation
- Rust based Ransomware Analysis with process dump analysis to recover the randomly generated decryption vector and windows malware analysis
- Recovering from a ransomware attack
Full detailed writeup for ReAL-File-System which is centered around ReFS Log Analysis.
tl;dr
- Disk Forensics
- Resilient File System
- Log Analysis
tl;dr
- Registry Hives analysis
- Analyse Chrome browser artifacts
- Analyse Slack artifacts
- Analyse AnyDesk artifacts
- Analyse artifacts for evidence of execution
- Analyse clipboard artifacts
tl;dr
Image gallery 1
- Get xss by uploading index.html in public dir
- Use bf cache to get the flag.
Image gallery 2
- Slice files.js using nginx partial caching.
- Use Subresource Integrity to load the right script
- Use DOM clobbering and Cache probing to leak the flag uuid
1 / 19