THE DFIR BLOG
Menu

Memory Forensics

2019 Unofficial Defcon DFIR CTF - Memory Forensics

8/11/2019

 
Thanks for Champlian Collage Digital Forensic Association to put up unofficial DFIR 2019 CTF for us. You can download the image from this dropbox link:
https://www.dropbox.com/sh/4qfk1miauqbvqst/AAAVCI1G8Sc8xMoqK_TtmSbia?dl=0
CTF Link: https://defcon2019.ctfd.io/ 
In this post, I am only covering the "Memory Forensics Section" of the Defcon DFIR 2019 CTF. I'll be doing other posts for the other parts of the Defcon DFIR 2019 CTF. ​I am using Volatility to do this challenge but feel free to use the tool of your choice. Some of the questions are complex, please try it and feel free to contact me if you have any questions, Happy to help!
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
Picture
flag<EMPLOY~1.LNK>
Picture
Picture
Picture

    Archives

    August 2019
    July 2019
    April 2019
    March 2019

    Categories

    All
    Ctf
    Defcon
    DFIR
    Forensics
    Memory
    Memory Forensics

    RSS Feed

  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me
  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me