AceBear CTF 19

I had a lot of fun and a hard time during this CTF, but the challenges are really awesome. I spent the whole time solving one challenge: Incident Response. In my opinion, this challenge closely resembles a real-life scenario and I'm glad that I've learned a lot out of it. So here goes the write-up for it!

Incident Response - Misc 1000

1. Memory forensics - Identifying the malicious program

In this challenge, we're given a network capture and a memory dump of a Windows machine.

