solved and written by dark_mendes and I. This ctf was put up by ekraal, as part of the aspire program. new challenges can be found at ciphercode.dev every other week:) A windows disk image was provided to conduct forensic analysis on. To solve the Windows Forensics challenges, we used the…

INTRODUCTION On 17th February 2021, e-Kraal released OSINT challenges as part of their Aspire weekly CTF. dark_mendes22 and I decided to hop on the challenge to refresh our OSINT skills, here’s our write-up. Resources used: 1. Exiftools 2. Social media (Facebook, twitter) 3. https://www.blockchain.com/explorer 4. https://www.walletexplorer.com/ 5. https://www.bitcoinabuse.com/ 6. Yandex…

Vulnhub, is a great platform for anyone looking to do Penetration testing to familiarize themselves and challenge themselves to try harder. As I was scrolling through the site, I came by Colddbox, a supposed easy boot to root box recommended for beginners and decided to try and solve it. I…

Enumeration. let’s start with a simple nmap scan by running nmap -sC -sV -p- <vulnmachineIP>. this returns an apache web server running on port 80:

I would like to share a very great ctf challenge put together by the Gitlab AppSec team. I haven’t solved all the challenges but so far so cool…they are all integrated from mobile to web sec and good enough for beginners like me to gurus with so much fun in between :) in case you haven’t checked it already, here you go ! https://about.gitlab.com/blog/2020/08/12/how-to-play-gitlab-ctf-at-home/ until next time,Happy learning:>