KinJih

A HackTheBox Sherlock Unit42 investigation walkthrough using Sysmon events to reconstruct malicious download, dropped files, and the UltraVNC infection flow.

A HackTheBox Sherlock Brutus investigation walkthrough using auth.log and wtmp to reconstruct SSH brute force, persistence, and follow-up attacker activity.

A writeup for the CGGC CTF 2023 preliminary round, covering Web, Misc, and Reverse challenges with analysis notes and payloads.

An analysis of the .NET deserialization flaw in Progress WS_FTP Server’s Ad Hoc Transfer module, covering the unauthenticated RCE trigger path and PoC.