DFIR Blog
  • Infosec
    • Blog
    • Threat Landscape
    • Cloud Security
  • Digital Forensics
    • Windows Forensics
    • Mac Forensics
    • Memory Forensics
    • Forensic Resources
  • Incident Response
  • Contact

Memory Forensics

Rick just loves to play some good old videogames. can you tell which game is he playing? whats the IP address of the server?

3/31/2019

 
Picture
vol.py -f OtterCTF.vmem --profile=Win7SP1x64 netscan

  • CTF{LunarMS} from process list
  • CTF{77.102.199.102} from netscan

Comments are closed.

    Archives

    August 2019
    July 2019
    April 2019
    March 2019

    Categories

    All
    Ctf
    Defcon
    DFIR
    Forensics
    Memory
    Memory Forensics

    RSS Feed

  • Infosec
    • Blog
    • Threat Landscape
    • Cloud Security
  • Digital Forensics
    • Windows Forensics
    • Mac Forensics
    • Memory Forensics
    • Forensic Resources
  • Incident Response
  • Contact