Yesterday is but today's memory! Using tools like gdb, strace, volatility, or even plain strings, you can peek into the running behavior of programs, whether they are still alive or long gone! Use your skills to understand what strange binaries are doing, and to analyze some real-world Windows malware!


Challenges

It's right there. Flag should have a format of \forensics(...)

It gets built for you! Flag should have a format of \forensics(...)

The program is listening for your needs! Flag should have a format of \forensics(...)

The program is shouting in the dark! Flag should have a format of \forensics(...)

Using volatility, analyse the properties of a memory image.

Using volatility, discover the processes that were running.

Using volatility, find what goes on in the service host process.

Using volatility, dump the memory of an infected process and discover how it listens for connections.

