HTB Business CTF 2026: Project Nightfall Forensics Writeups
HTB Sherlock Caught writeup covering Active Directory DFIR, malicious shortcut analysis, Sliver C2, credential dumping, GPO abuse, and WMI persistence.
HTB Sherlock Hunter writeup covering lateral movement, credential attacks, PCAP analysis, KAPE triage, Autopsy, KeePass, and incident response.
HTB Sherlock Easy Money writeup covering giveaway lure malware, Yandex Browser CVE clues, PowerShell, DLL hijacking, and Windows forensics.
HTB Sherlock SillyEli writeup covering BYOD compromise, fake MS Teams installer malware, PowerShell, scheduled tasks, and reverse shell analysis.
HTB Sherlock Novitas writeup covering memory forensics, malware behavior, Volatility triage, .NET reverse engineering, and Windows compromise.
HTB Sherlock Safecracker writeup covering ransomware investigation, Windows and WSL artifacts, malware analysis, timeline reconstruction, and IOCs.
BKSEC TTV 2026 forensics author writeups covering disk, network, DPAPI, C2, malware, deobfuscation, and challenge design notes.
VCS Passport CTF Blue 2025 forensic writeup tracing a WebLogic RCE attack through logs, PowerShell execution, CVE evidence, and timing.
CSCV 2025 forensics writeups covering DNS exfiltration, PCAP logs, BitLocker recovery, Outlook data, SVG malware, and PowerShell.
Incident response report for a compromised Ubuntu VM, covering Nextcloud logs, RCE, persistence, attacker activity, and Linux malware analysis.
BYUCTF 2025 writeups covering Windows VM forensics, MITRE ATT&CK, Android reversing, web exploitation, and OSINT-style puzzles.
HTB Cyber Apocalypse 2025 forensics writeups covering email phishing, PowerShell, JavaScript malware, memory analysis, and Volatility.
BKSEC CTF TTV 2025 writeups covering memory forensics, Windows artifacts, reverse engineering, and challenge-solving workflow.