Blue Team Labs

Correlate Splunk logs and host forensic artifacts from triage images to reconstruct a multi-stage TeamCity compromise and identify attacker TTPs.

Analyze the Phobos ransomware executable to identify its core behavior, encryption methods, and extract actionable indicators of compromise (IOCs).

Analyze packed ShadowSteal malware using dynamic and static reverse engineering to extract the RC4 key, mutex, and self-deletion command.

Reverse engineer diverse, obfuscated malware samples using static and dynamic analysis tools to identify functionality and extract embedded artifacts.

Synthesize advanced static and dynamic analysis techniques using IDA Pro and debuggers to solve complex reverse engineering challenges.

Analyze and reverse engineer complex malicious challenges using static and dynamic analysis tools to uncover hidden functionality and extract IOCs.

Synthesize advanced reverse engineering techniques to analyze complex malicious binaries and extract hidden flags using IDA Pro, debuggers, and specialized tools.

Determine hidden flags and program logic by reverse engineering unknown binaries using static and dynamic analysis tools.

Reverse engineer multi-stage malicious binaries using IDA Pro and debuggers to uncover hidden functionality and extract embedded flags.