CyberDefenders: Mr. Robot

Note: I started with using volatility on my Windows machine, and eventually, I transitioned to working on my Linux machine. Pardon me for screenshots from different OSes. The first task in this challenge is to convert the VMWare Suspended State (.vmss) files to a memory dump so we can perform memory analysis. There is a …

CyberDefenders: BSidesJeddah-Part2 (Memory Image Forensics)

This challenge was released on 12/14/2021 from CyberDefenders. You can access the room at https://cyberdefenders.org/labs/82. This is another blueteam challenge. The skills/tools to be tested and needed to complete this challenge are 99% between volatility2 and volatility3, and 1% Googling, MITRE, Crackstation, and CyberChef. In this challenge, you will gain a better appreciation of how …