#ctf-writeup

Articles tagged with #ctf-writeup

Squid game | Blue team labs
Will you survive the Squid Games? Hello everyone in this day we got a challeng form blue team labs platform where we need to discover the anwanser of these quetions: What is the phone number on the in
Mar 1, 20263 min read
SOC164 Suspicious Mshta Behavior | LestDefend Cyberexersice
Today we’re going to investigate a lestDefent’s alert, trying to response the correct format. Level: Security Operations Type: LOlbin EventID: 114 Tools: AbuseIP, VirusTotal. What are Living-off-the-l
Feb 22, 20264 min read
SOC163 — Suspicious Certutil.exe Usage | LestDefend
now we have more knowledge and I think that It’ll be easy to do. Type: LOLBIN EVENTID: 113 Press enter or click to view image in full size What are Living-off-the-land binaries (LOLBins)? A LoLBin is any binary supplied by the operating system that ...
Feb 18, 20263 min read14
Shiba insider | Blue team labs
This challenge we need to response a cybersecurity incident, using different tools for get more information about it. In my case, I’m goin to use tree: Tools: cyberchef, wireshark, networkminer, exiftool. The core of these tools are: CyberChef: a “d...
Feb 18, 20265 min read4
A critical zero-day vulnerability named ToolShell (CVE-2025–53770) | LestDefend
Alert of the lestdefend SIEM we need to resolve the cyberexercise. Press enter or click to view image in full size Tools: Virus total, AbuseIP and lestdefend tools for research. CVE Common Vulnerabilities and Exposures (CVE) is a standardized, indu...
Feb 18, 20264 min read9
Noxious | Hack the box ctf
The IDS device alerted us to a possible rogue device in the internal Active Directory network. The Intrusion Detection System also indicated signs of LLMNR traffic, which is unusual. It is suspected that an LLMNR poisoning attack occurred. The LLMNR ...
Feb 18, 20266 min read3