The objective of this challenge is to analyze a disk image and network traffic capture to uncover hidden data exfiltration techniques, reverse custom encryption mechanisms, and ultimately retrieve the attacker's payload or flag.
The objective of this challenge is to analyze a memory dump to identify post-exploitation artifacts, uncover suspicious process behavior, decrypt and execute in-memory payloads, and extract the attacker's intended shellcode or flag.
This page contains my review of the certifications I took this year, including CMPen (iOS & Android), Pentest+, CRTA, PT1 and CPTS.
The goal of the challenge is to perform an adversarial attack against two provided YOLO (You Only Look Once) models. Craft an image such that the two models produce **significantly different predictions**, demonstrating an understanding of adversarial machine learning techniques.
A basic sanity check challenge meant to ensure players can access and retrieve files from a shared forensic resource. Serves as a warm-up to verify setup and tool readiness.
Investigate a compromised WordPress server, identify the attack vector, and determine which file was uploaded by the attacker using forensic analysis of the web server structure and logs.
Investigate a suspected privilege escalation attack on a compromised Linux system. Identify traces of exploitation, determine the method used (e.g., kernel-level exploits), and locate the attacker's payload or tool to recover the flag.
Identify evidence of attacker persistence by analyzing remnants left on a compromised system, including outbound communication artifacts such as Pastebin links. Use digital forensic techniques to trace how the attacker maintained access or control.
The goal of this challenge is to reverse engineer an obfuscated **Khronos SPIR-V binary**, reconstruct the logic used to generate an output image, and recover the original flag hidden within its data transformations.
The goal of this challenge is to analyze suspicious network traffic to identify ARP poisoning activity and extract the exfiltrated flag data.