Igor_sec's Blog
Hello! Welcome to my blog where I post write-ups for CTF challenges.
Tag: DFIR
-
TryHackMe | Disk Analysis & Autopsy
In this blog, I’ll be documenting my experience with the Disk Analysis & Autopsy room on TryHackMe, which challenged me to leverage disk artifacts to unravel an attack narrative. Room Link: https://tryhackme.com/room/autopsy2ze0 Task 1 Windows 10 Disk Image In the attached VM, there is an Autopsy case file and its corresponding disk image. After loading the .aut file, make…
-
TryHackMe | REvil Corp
Investigating the Compromised Endpoint Scenario: One of the employees at Lockman Group gave an IT department the call; the user is frustrated and mentioned that all of his files are renamed to a weird file extension that he has never seen before. After looking at the user’s workstation, the IT guy already knew what was…
Igor_sec's Blog 