Forensics, Active Directory, Reverse, CTF stuff. There are so many interesting topics to cover and so little time to do it all.
Having fun with KeePass2: DLL Hijacking and hooking APIs
The recent disputed KeePass2 CVE-2023-24055, and all the fuss around it, motivated me to finish a little project I had started last year.
Writeup: Cyber Apocalypse CTF 2022 - Reflection
Last week my team and I played the Cyber Apocalypse CTF 2022 - Intergalactic Chase. This article serves as a writeup for the Reflection forensics challenge.
Reflective loading: Loading a PE file in memory
Now that we know about the PE (portable executable) format, let’s talk about reflective loading and what happens in memory.
Introduction to the PE file format
Let’s talk about the PE (portable executable) format and explore it in great detail.