Projects

3CX Zip

In aid of the NULL404 Security Group, our team collaboratively developed a Capture The Flag (CTF) challenge designed to test participants’ analytical and technical skills. The challenge featured a multi-layered task where a JPEG file was concealed within a ZIP file embedded in a .pcap file. Participants had to analyze RTP audio traffic to uncover the ZIP file’s name and password, ultimately extracting the flag. To create a realistic scenario, we incorporated the 3CX phone system and simulated traffic interception via a home router.

Null:404 – Forensics-Based CTF (Capture The Flag) Event:
I serve as Range Engineer and Blue/Red team member, collaborating with The Negotiators and Null404, sponsored by Aclight6. Built a realistic attack range, configured vulnerable servers, developed forensics-based CTF challenges, and implemented Ansible playbooks for automated deployment while supporting overall event execution.

Ludus Cloud

Collaboratively designed and deployed an intentionally insecure Windows domain in the AWS Cloud to simulate real-world attack scenarios. As a team, we developed and executed custom PowerShell malware, enabling the simulation of exploitation techniques. Together, we conducted incident response analysis to identify the attacker’s initial access, lateral movement, objectives, and potential exfiltration paths, strengthening our collective understanding of security vulnerabilities and response strategies.

Additional Projects:

Malware Analysis (04/2024): Investigated a Cobalt Strike beacon hidden in an alternate data stream within the Windows Temp directory. Analyzed persistence mechanisms, including a scheduled task triggered on user login, using Process Explorer, Procmon, and PowerShell. Executed the file to study its system reconnaissance activities.

Capture the Flag Competitions (10/2022 – Present):

National Cyber League (2022, 23, 24, 25): Consistently ranked in the top 80th percentile (individual) and top 90th percentile (team) across Spring and Fall events.

SANS NetWars Tournament (Spring 2024): Achieved 4th place in the team event.

Check out one of my talks from Null:404! Here -> Persistence Talk