This writeup is about one out of two forensic challenges from the Blackalps 2019 CTF. It is about memory analysis and identifying certain processes and files in order to extract them. A password protected PDF requires the cracking of a KeePass database. The szenario is based on the Area51 Raid which happened on September 20, 2019.
I want to welcome you on this blog. The goal of this blog is to mainly publish writeups of CTFs and other hacking challenges. I hope you will enjoy the writeups and learn from it.