Danh Quan (Pacho)A blog about my life, work, and the journey studying information security.https://blog.pachoalto.xyz/HTB Business CTF 2026: Project Nightfall Forensics Writeupshttps://blog.pachoalto.xyz/posts/htb-business-ctf-2026-project-nightfall/https://blog.pachoalto.xyz/posts/htb-business-ctf-2026-project-nightfall/HTB Business CTF 2026: Project Nightfall Forensics WriteupsSun, 24 May 2026 00:00:00 GMTBKSEC TTV Forensics 2026 Writeupshttps://blog.pachoalto.xyz/posts/bksec-ttv-ctf-2026/https://blog.pachoalto.xyz/posts/bksec-ttv-ctf-2026/BKSEC TTV 2026 forensics author writeups covering disk, network, DPAPI, C2, malware, deobfuscation, and challenge design notes.Mon, 09 Mar 2026 00:00:00 GMTVCS Passport CTF Blue Entrance Exam 2025https://blog.pachoalto.xyz/posts/vcs-passport-entrance-exam-2025/https://blog.pachoalto.xyz/posts/vcs-passport-entrance-exam-2025/VCS Passport CTF Blue 2025 forensic writeup tracing a WebLogic RCE attack through logs, PowerShell execution, CVE evidence, and timing.Sat, 20 Dec 2025 00:00:00 GMTCSCV 2025 Qualifiers: Forensics Challenge Writeuphttps://blog.pachoalto.xyz/posts/cscv-2025-forensics-writeup/https://blog.pachoalto.xyz/posts/cscv-2025-forensics-writeup/CSCV 2025 forensics writeups covering DNS exfiltration, PCAP logs, BitLocker recovery, Outlook data, SVG malware, and PowerShell.Wed, 22 Oct 2025 00:00:00 GMTCompromised Ubuntu VMAnalysishttps://blog.pachoalto.xyz/posts/ubuntu-vm-compromise-analysis/https://blog.pachoalto.xyz/posts/ubuntu-vm-compromise-analysis/Incident response report for a compromised Ubuntu VM, covering Nextcloud logs, RCE, persistence, attacker activity, and Linux malware analysis.Thu, 29 May 2025 00:00:00 GMTBYUCTF-2025 Writeupshttps://blog.pachoalto.xyz/posts/byuctf-2025-writeups/https://blog.pachoalto.xyz/posts/byuctf-2025-writeups/BYUCTF 2025 writeups covering Windows VM forensics, MITRE ATT&CK, Android reversing, web exploitation, and OSINT-style puzzles.Sun, 18 May 2025 00:00:00 GMTHTB Cyber Apocalypse 2025 Forensics Writeuphttps://blog.pachoalto.xyz/posts/htb-cyber-apocalypse-2025/https://blog.pachoalto.xyz/posts/htb-cyber-apocalypse-2025/HTB Cyber Apocalypse 2025 forensics writeups covering email phishing, PowerShell, JavaScript malware, memory analysis, and Volatility.Tue, 01 Apr 2025 00:00:00 GMTBKSEC CTF TTV 2025 Writeupshttps://blog.pachoalto.xyz/posts/bksec-ctf-ttv-2025/https://blog.pachoalto.xyz/posts/bksec-ctf-ttv-2025/BKSEC CTF TTV 2025 writeups covering memory forensics, Windows artifacts, reverse engineering, and challenge-solving workflow.Sun, 02 Mar 2025 00:00:00 GMT