Malicious Excel files have been a popular vector for delivering malware, phishing, and other types of cyberattacks. Excel files are commonly used for sharing data and macros, which makes them a popular target for cybercriminals. In this article, we will discuss how to investigate a malicious Excel file and identify…

This week I participated in the CTF event organized by WolvSec. In this event, I only focused on the forensic and OSINT challenges. In this article I will discuss the OSINT challenge. Challenge OSINT is a series tagged WannaFlag, with a starting question set of 3 and 2 more after completing…

Memory forensics is one of the sub-categories of digital forensics that I usually find in ctf competitions. Where it is necessary to analyze the results of a memory dump of an operating system such as windows or linux. I found this topic after joining the Cyberscape ctf yesterday, which was…

This topic come from one of the digital forensics category challenges held by Autobahn Security. This time I will discuss the category of network forensics. This challenge completed a few days after the competition is over :( The brief of this challenge is as follows. We captured a lot of suspicious HTTP requests last month on one of…

Follina or known and listed as CVE-2022–30190 is one of latest famous vulnerability that revealed on May 2022. This vulnerability affect microsoft office document that bring malicious html as external link and goes to execute powershell code to take over the system. More insight i got when try to solve…

NahamCon CTF 2022 is a gamified cyber security event and part of free virtual security conference Hosted by STOK, John Hammond and NahamSec. One of the challenge is OSINT(Open Source Intelligence), if you new about it I already write about OSINT in bahasa here. It’s a bundle challenge titled Keeber…

Hardening sering terdengar dalam dunia teknologi informasi yang bila dibahasakan memiliki makna pengerasan, ini sejalan dengan proses yang dilakukan yaitu meningkatkan keamanan pada sebuah perangkat sistem informasi dengan menerapkan baseline tertentu, sehingga dapat terkesan makin keras, semakin solid. Karena tidak mungkin bila menggunakan perangkat dengan konfigurasi default dari sumbernya. …

Steganography is the art of concealing a message, image, or file within another message, image, or file, so, audio steganography is a technique used in steganography, to hide data in audio media. One of this technique is utilize the audio spectrum to hide the data. Hiding secret messages in digital…

Disclaimer: this post is for learning purposes. I hope you already done with all official sources of the platform and learn it. I will start this post by explaining a little about the D3FEND framework. If you already search this, you’ll be directed to https://d3fend.mitre.org/. d3fend is a new schema…