7RedViolin Blog

DFIR Thoughts & CTF Writeups

Powered by Jekyll — Theme by BDHU

KringleCon 4: Four Calling Birds WriteUp - Printer Exploitation

Posted: Jan 14, 2022 | ~ 2 mins read time
#cryptography #ctf #kringlecon-2021
If you have unauthenticated access to upload firmware updates to a printer, what could possibly go wrong?

KringleCon 4: Four Calling Birds WriteUp - WiFi Dongle & Thermostat

Posted: Jan 13, 2022 | ~ 1 min read time
#api #ctf #kringlecon-2021 #wifi
An intro to WiFi and API stuff

KringleCon 4: Four Calling Birds WriteUp - Slot Machine Investigation

Posted: Jan 13, 2022 | ~ 1 min read time
#ctf #kringlecon-2021 #web
Can we beat the odds at a slot machine?

KringleCon 4: Four Calling Birds WriteUp - Greppin' for Gold

Posted: Jan 13, 2022 | ~ 3 mins read time
#ctf #kringlecon-2021
Searching and aggregating logs in the command line

KringleCon 4: Four Calling Birds WriteUp - Strace, Ltrace, Retrace

Posted: Jan 12, 2022 | ~ 1 min read time
#ctf #kringlecon-2021 #linux #reverse-engineering
When an ELF binary doesn't work as expected, how can we troubleshoot it?

KringleCon 4: Four Calling Birds WriteUp - IPv6

Posted: Jan 12, 2022 | ~ 1 min read time
#ctf #kringlecon-2021 #network
You know IPv4 - now what about IPv6?

KringleCon 4: Four Calling Birds WriteUp - ExifTool

Posted: Jan 12, 2022 | ~ 1 min read time
#ctf #forensics #kringlecon-2021
How to quickly search metadata of multiple files

HtB: Lure

Posted: Dec 12, 2021 | ~ 4 mins read time
#ctf #forensics
What is a maldoc and why should I care about macros?

macOS Browser Stuff

Posted: Oct 13, 2021 | ~ 2 mins read time
#browsers #forensics #macOS
Browser artifacts and EDR data you should expect when investigating macOS devices.

macOS - What is SIP?

Posted: Aug 5, 2021 | ~ 1 min read time
#forensics #howto #macOS
What is SIP? A quick dive into the security integrity protection feature introduced back in 10.X that helps keep Apple machines safe from unsigned code.