Over the weekend, the Securinets Finals CTF took place at INSAT in Tunisia, hosting international teams from around the world. As part of the technical team, I contributed two forensics challenges.

In this writeup, you’ll find the detailed solution for my two chalenges:

• Warmup, a smal keylogging forensics scenario.
• Revenge, an internal phishing and compromise investigation, tracing an attacker’s actions from initial mail to full system takeover.