bi0s
  •  Home
  •  Categories
  •  Archives
  •  Tags
  •  Home
  •  Categories
  •  Archives
  •  Tags

Investigation Continues - InCTF Internationals 2020

stuxn3t
2020-08-04
Forensics / Memory

tl;dr

  • Extract Invalid Login timestamp from the windows registry.
  • Extract the timestamp of when a JPEG was opened.
  • Extract Google Chrome’s last run time which was pinned to taskbar from windows registry.
Read More
InCTFi Volatility Windows Memory Analysis Windows Registry

Investigation - InCTF Internationals 2020

stuxn3t
2020-08-04
Forensics / Memory

tl;dr

  • Extract process last run time from the windows registry.
  • Extract process run count from the windows registry.
Read More
InCTFi Volatility Windows Memory Analysis Windows Registry

Official blog of team bi0s

  Projects
  •   bi0s-wargame
    (Unraveling)
  •   bi0s-wiki
    (Free Encyclopedia)
  •   InCTF
    (Nationals CTF)
  •   InCTFj
    (Juniors CTF)

Made With Love and Coffee



Blog content follows the Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) License

Use Material X as theme, total visits times.