THE DFIR BLOG
Menu

Memory Forensics

Rick just loves to play some good old videogames. can you tell which game is he playing? whats the IP address of the server?

3/31/2019

 
Picture
vol.py -f OtterCTF.vmem --profile=Win7SP1x64 netscan

  • CTF{LunarMS} from process list
  • CTF{77.102.199.102} from netscan

Comments are closed.

    Archives

    August 2019
    July 2019
    April 2019
    March 2019

    Categories

    All
    Ctf
    Defcon
    DFIR
    Forensics
    Memory
    Memory Forensics

    RSS Feed

  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me
  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me