
Example CTF: Forensics Challenge

Workflow for quick triage and artifact extraction.

2025-01-02
Platform: TryHackMe
Difficulty: medium
Status: complete
Tools: wireshark, strings
Tags: forensics, pcap

Objective

Extract indicators and recover the flag from a pcap.

Steps

  • Identify protocols with conversation statistics.
  • Carve files and inspect payloads.
  • Extract the flag and verify.
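
Added example (not part of the original write-up): the three steps above reproduced offline in Python on a constructed two-packet capture, tallying bytes per conversation and searching TCP/UDP payloads for a flag. The NAME{...} flag pattern, the helper names and the sample addresses are assumptions.

```python
import re
import struct
from collections import Counter

FLAG_RE = re.compile(rb"[A-Za-z0-9]{2,10}\{[^{}\s]{1,80}\}")  # assumed NAME{...} flag format

def frame(src, dst, sport, dport, data):
    """Build one Ethernet/IPv4/TCP frame for the sample (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, bytes(src), bytes(dst))
    return b"\x02" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: a request and a reply that carries a made-up flag."""
    frames = [frame([10, 0, 0, 5], [10, 0, 0, 9], 40000, 80, b"GET /note.txt HTTP/1.1\r\n\r\n"),
              frame([10, 0, 0, 9], [10, 0, 0, 5], 80, 40000, b"HTTP/1.1 200 OK\r\n\r\nTHM{constructed_example}")]
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    return header + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

def packets(pcap):
    """Yield raw frames from a classic (non-pcapng) Ethernet capture."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None or struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type")
    off = 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        yield pcap[off + 16:off + 16 + incl]
        off += 16 + incl

def triage(pcap):
    """Return (bytes per TCP/UDP conversation, flag candidates seen in payloads)."""
    convs, flags = Counter(), []
    for f in packets(pcap):
        if len(f) < 34 or f[12:14] != b"\x08\x00":
            continue  # not IPv4 over Ethernet
        proto, l4 = f[23], 14 + (f[14] & 0x0F) * 4
        need = {6: 20, 17: 8}.get(proto)  # minimum TCP / UDP header size
        if need is None or len(f) < l4 + need:
            continue  # only TCP and UDP carry ports
        hdr = (f[l4 + 12] >> 4) * 4 if proto == 6 else 8
        end = 14 + struct.unpack("!H", f[16:18])[0]  # IP total length drops Ethernet padding
        sport, dport = struct.unpack("!HH", f[l4:l4 + 4])
        ends = sorted([(".".join(map(str, f[26:30])), sport), (".".join(map(str, f[30:34])), dport)])
        convs[(proto, *ends)] += len(f)
        flags += FLAG_RE.findall(f[l4 + hdr:end])
    return convs, flags

if __name__ == "__main__":
    print(triage(sample_pcap()))
```

A flag split across TCP segments will not match per packet; reassemble the stream first (Wireshark's Follow TCP Stream) before searching.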

Notes

Include command lines and filters you used so you can reproduce quickly.