OWASP PCCOE

  Welcome Back to the Official Write-Up Series of ByteMe CTF! The OWASP PCCOE Student Chapter is turning up the technical heat for our 9th write-up. We are moving from the persistent records of the Citadel into the flickering, volatile world of Memory Forensics with Ashes of The Realm . This challenge tests a hunter's ability to find truth when the disk itself has been turned to ash. Category: Forensics Difficulty: Hard Author: Sarthak Warale Theme: Game of Thrones / Volatile Memory Challenge Summary: The Invisible Trail In this scenario, all persistent data—files, logs, and records—has been destroyed. The only surviving evidence exists in volatile memory (RAM) , specifically preserved within active shell sessions at the time the system was "captured." Participants were provided with a Linux memory dump: memdump.lime . Tools & Setup: Volatility 3 To analyze a memory dump, the gold standard is Volatility 3 . However, this challenge presented a specific hurdle: th...

  Welcome Back to the Official Write-Up Series of ByteMe CTF! The OWASP PCCOE Student Chapter is taking you on a journey across the Narrow Sea for our 8th write-up. This challenge, Raven’s Whisper , is a masterclass in OSINT Reconnaissance , requiring participants to track a digital identity across platforms and bridge the gap between fiction and reality. Category: OSINT / Recon Difficulty: Easy–Medium Author: Arnav Khadke Theme: Game of Thrones / Real-world Locations Step 1: The Identity Hunt (Sherlock Holmes of the Realm) The challenge started with a single lead: a GitHub username, gore-htm975 . Standard social media searches often turn up empty for such specific handles. To solve this, participants were expected to use Sherlock , a powerful command-line tool that hunts for usernames across hundreds of social networks. The Result: Sherlock confirmed the identity on GitHub. Navigating to the profile, participants found a repository containing a single, mysterious image of a ...

  Welcome Back to the Official Write-Up Series of ByteMe CTF! The OWASP PCCOE Student Chapter is diving into the shadows of digital storage. For our 7th write-up, we explore GHOSTS OF THE REALM , a challenge that focuses on the persistence of "deleted" data and the forensic value of database artifacts. Category: Digital Forensics / Database Analysis Difficulty: Medium Author: Sharayu Kotkar Theme: Game of Thrones / The Citadel Archives Problem Statement A raven once carried a message across the realm, but the Citadel’s records now show no trace of it. The archive appears intact and the messages ordinary yet in Westeros, things thought lost often leave shadows behind. Your task is to investigate these remnants and recover the message that refused to disappear. Provided Files The challenge provides three specific files: chat.db chat.db-wal chat.db-shm Investigation & Analysis Step 1: Identifying the Artifacts The .db extension identifies the main file as a SQLite data...