Huntress CTF 2023 #

In October 2023, Huntress ran a CTF to coincide with Cybersecurity awareness month. The competition ran from October 2, 12:00 PM ET - October 31, 11:59 PM ET, with new challenges released every day.

" For this specific Capture the Flag competition, we hope to offer hands-on and practical exercises based around malware analysis, digital forensics and incident response, threat hunting or cyber threat intelligence, and general security. We will be releasing new challenges for you to play every single day throughout the month of October. "

I was late to the party and joined on October 25th and did what I could in those few days and completed 15 of the challenges across Forensics, Malware, Miscellaneous and warmups categories.

Fancy4n6 solves

Any write ups for challenges not on that list I did after the challenge had finished.

Tool list by challenge #

Below are some links and also the tools that I used to complete the challenges, mainly so that I have a place to come and remember!

Forensics challenges #

Opposable Thumbs (easy)
- xxd
- Thumbcache viewer
Dumpster Fire (easy)
- Firefox decrypt
- Firepwd
Wimble (easy)
- PECmd.exe - EZTools
Traffic (medium)
- rita
Tragedy Redux (medium)
Rogue Inbox (medium)
- Timeline explorer - EZTools
Bad Memory (medium)
- Volatility3
- HashCat
Texas chainsaw Massacre: Tokyo Drift (hard)
- Chainsaw
- CyberChef

Malware challenges #

VeeBeeEee (easy)
HumanTwo (easy)
Snake Eater (easy)
BlackCat (easy)
PHP Stager (easy)
RAT (medium)
Opendir (medium)
Batchfuscation (medium)
Speakfriend (medium)
Snake Eater II (medium)
Zerion (medium)
Thumb Drive (medium)
- LECmd.exe - EZTools
Snake Oil (medium)
Hot Off The Press (medium)
BlackCat II (hard)
Crab Rave (hard)

Additional write-ups #

The ‘official’ writeups by HuskyHacks: https://www.youtube.com/playlist?list=PLta338B2b1DXCbwzGzG5XkEQAaZhlwtbJ

The following people have written up their versions of the challenges, an incomplete list here (in no particular order):