Forensics

In forensics, flags are often hidden within a large amount of data, whether it be a packet capture like a .pcap file or an image from a memory dump. Challenges may also include retrieving phrases from lengthy texts, repairing files to make them accessible, and more.

What type of file is it?
What applications or commands can open or browse the file?

Useful commands

- file *

- strings *

- cat *

- grep *
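
The commands above chained into one triage pass, as an added example that is not part of the original page. The sample file, the function names and the flag{...} pattern are constructed assumptions; adjust the pattern to the flag format of the CTF you are playing.

```shell
#!/bin/sh
# Build a constructed sample: PNG magic bytes under a misleading .txt name,
# with a flag-shaped string buried between non-printable bytes.
make_sample() {
    dir=$1
    mkdir -p "$dir"
    {
        printf '\211PNG\r\n\032\n'
        printf '\000\001\002\003padding\000\000'
        printf 'flag{constructed_example}'
        printf '\000\377\376'
    } > "$dir/notes.txt"
    printf 'nothing to see here\n' > "$dir/readme.txt"
}

# triage DIR [PATTERN]: print "path<TAB>match" for every flag-like string.
triage() {
    dir=$1
    pat=${2:-'flag\{[^}]*\}'}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # What type of file is it? file(1) reads the content, not the extension.
        if command -v file >/dev/null 2>&1; then
            file "$f" >&2 || true
        fi
        # strings(1) extracts printable runs from binary data; grep -a is the
        # fallback when binutils is not installed.
        if command -v strings >/dev/null 2>&1; then
            hits=$(strings -n 6 "$f" | grep -oE "$pat" || true)
        else
            hits=$(grep -aoE "$pat" "$f" || true)
        fi
        if [ -n "$hits" ]; then
            printf '%s\t%s\n' "$f" "$hits"
        fi
    done
    return 0
}

# Demo run on the constructed sample.
tmp=$(mktemp -d)
make_sample "$tmp"
triage "$tmp"
rm -rf "$tmp"
```

The file type report goes to stderr and the matches to stdout, so the matches can be piped or redirected on their own.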

Useful tools

- https://trailofbits.github.io/ctf/forensics/

- https://github.com/apsdehal/awesome-ctf#forensics-1

- Volatility

Additional Resources:

Learn about Volatility for Memory Analysis