Introducing Memlabs: The Memory Forensics Challenge


Memlabs, created by Abhiram Patiballa, is a series of CTF challenges to test your memory forensics skills. You'll dive into computer memory using digital forensics tools to find hidden clues.


Tools Used

  • Volatility 2.6

You need some extra plugins for this tool; you can download them from here, or search for superponible volatility plugins.

Some improvements have been made to the plugins to make them work better. The CSV library was removed from the Chromehistory.py and Firefoxhistory.py files.

  • Steghide: Steghide is a tool for hiding secret data inside other files, like images or audio. It's used to conceal information in a way that's not obvious, and can be useful for security or watermarking purposes.
  • GNU Image Manipulation Program: GIMP is a free and open-source image editing software like Photoshop, with tools for retouching photos, creating graphics, and more.


The Challenges

In this series, we'll tackle seven challenges, each hiding three flags waiting to be discovered. Our mission is to delve into memory snapshots and reveal these elusive flags. Stay tuned, as we'll be posting walkthroughs soon through Apex Predators.


Flag submission

Please email the flags of each lab to [email protected]

Please follow this format for flag submission:

If you find 3 flags in a particular lab, for example:

flag{stage1_is_n0w_d0n3}

flag{stage2_is_n0w_d0n3}

flag{stage3_is_n0w_d0n3}

Concatenate all the flags like this:

flag{stage1_is_n0w_d0n3} flag{stage2_is_n0w_d0n3} flag{stage3_is_n0w_d0n3}

Note: Place the flags in the correct order and ensure they are space-separated. The content inside the flags indicates their respective places. All the labs will follow the same flag format unless specified otherwise.


Abhiram Patiballa

Staff Analyst, Unit 42 MDR @ Palo Alto Networks | GCFA | GREM | DFIR | Author - MemLabs | Ex-Captain Team bi0s | GIAC Advisory Board

11 months

Nice work!! Hope you have fun solving the labs.

Pratik Chavan

Pursuing B.Tech in Computer Science Engineering (IoT, Cyber Security including Blockchain Technology) at Shri Annasaheb Dange College of Engineering & Technology (ADCET), Sangli

11 months

Keep it up, bro Prathamesh Kale