CTF Writeups

Forensics, malware analysis, incident response, and more from competitions worldwide.

Ransomware-style challenge requiring memory capture analysis and reverse engineering of an encryption tool to recover a deleted key.

Analysis of a DNS-based covert channel used for data exfiltration and ransomware delivery. Includes malware reconstruction and custom LCG decryption.

Investigation of a malicious npm package and its Go-based payload through Windows disk image analysis.

Detailed overview of the Securinets CTF Qualifications 2025. Competed with Team Mojo Jojo and achieved 38th place (5th in North Africa). This post documents the overall event and links to the detailed challenge writeups.

A complete beginner-to-intermediate guide to memory forensics using Volatility 3. Covers installation, essential plugins, process analysis, network artifact extraction, and memory-resident malware hunting.

QnQSec 2025 — Masks

CTF Writeup

Tracing a phishing attack chain from initial email delivery in Outlook to scheduled task persistence using Volatility 3 and AmCache forensics.

Overview of forensics challenges from QnQSec CTF 2025, covering memory forensics with Volatility 3, phishing incident response, and Living Off The Land (LOTL) techniques.