tl;dr

• Extract process last run time from the windows registry.
• Extract process run count from the windows registry.

tl;dr

• Decrypt the encrypted GPG file found in Outlook Express with the private key stored on the device.
• Decrypt the firefox saved passwords and log in to the website that the terrorist used.

tl;dr

• Digging into windows registry to find process run counts.
• Extracting and parsing AmCache to find the hash of process images

tl;dr

• Disk Dump extraction.
• USB leftover Capture data extraction.
• Zip file cracking.

tl;dr

• Memory dump analysis using Volatility.
• Extracting Keepass Master Password from the memory.
• Extracting flag from ZIP archive attached in the Keepass database.

tl;dr

• RAID recovery
• JPEG image extraction from lost disk

tl;dr

• EV3 Robot pklg analysis
• .RSF file recovery

Write-Up for the “…—…” challenge from InCTF Internationals 2019

tl;dr

1. Alert signals encoded in morse transfered to the Mi-Band
2. Traverse through the packets and find the appropriate BLE handles of the encoded message
3. Decode the morse encoded message

tl;dr

• Decoding the strings found in TCP stream 0.
• Analysing and extracting data sent via different ports of TCP.
• Using character-wise caesar from the extracted data.
• Zip cracking

tl;dr

• Chrome history analysis
• File recovery from the memory dump
• Raw analysis of email content
• Environment variables analysis
• RAR password cracking
• Corrupted file analysis