BlackHat MEA CTF Finals 2023 — Forensic (NoopAPT)

Ashish Dhone
3 min read · Nov 23, 2023

Introduction

In this article, I’ll share my experience cracking the forensics challenge “NoopAPT” during the BlackHat MEA CTF Finals 2023. The challenge was both straightforward and tricky, making it an enjoyable puzzle. I decided to walk you through the process of how I tackled it.

The challenge provided a file named “challpcap.pcapng” in the Forensic category. The goal was to identify a malicious connection. The problem statement was simple, but the solution required careful analysis.

Can you identify the malicious connection?

Getting Started

The first step was to open the provided file, “challpcap.pcapng,” using Wireshark. This tool allows us to analyze network traffic and understand the communication within the captured data.

Analyzing the Data

After opening the file, I navigated to Statistics → Conversations → “IPv4” to get statistics…
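The same per-pair summary that the IPv4 Conversations view gives can be computed directly from the pcapng bytes. The sketch below is an added example, not code from the original write-up. It assumes Ethernet framing and Enhanced Packet Blocks only, and it runs on a small constructed capture (documentation addresses), not on challpcap.pcapng.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

def ipv4_conversations(data):
    """Return (addr_a, addr_b, packets, bytes) rows, busiest pair first."""
    # Byte order is set by the Section Header Block's byte-order magic.
    end = "<" if data[8:12] == b"\x4d\x3c\x2b\x1a" else ">"
    stats = defaultdict(lambda: [0, 0])  # unordered address pair -> [packets, bytes]
    off = 0
    while off + 12 <= len(data):
        btype, blen = struct.unpack_from(end + "II", data, off)
        if blen < 12 or off + blen > len(data):
            break  # truncated or corrupt block: stop rather than misparse
        if btype == 6 and blen >= 32:  # Enhanced Packet Block
            caplen, origlen = struct.unpack_from(end + "II", data, off + 20)
            frame = data[off + 28:off + 28 + caplen]
            # Assumption: Ethernet II link layer; EtherType 0x0800 is IPv4.
            if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
                pair = tuple(sorted((IPv4Address(frame[26:30]), IPv4Address(frame[30:34]))))
                stats[pair][0] += 1
                stats[pair][1] += origlen
        off += blen
    rows = [(str(a), str(b), p, n) for (a, b), (p, n) in stats.items()]
    return sorted(rows, key=lambda r: -r[3])

def _block(btype, body):
    body += b"\x00" * (-len(body) % 4)  # block bodies are padded to 32 bits
    total = len(body) + 12
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

def _frame(src, dst, payload_len):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def sample_capture():
    """Constructed three-packet pcapng (documentation addresses), not the challenge file."""
    out = _block(0x0A0D0D0A, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
    out += _block(1, struct.pack("<HHI", 1, 0, 65535))  # interface, LINKTYPE_ETHERNET
    for src, dst, n in [("192.0.2.10", "198.51.100.7", 40),
                        ("198.51.100.7", "192.0.2.10", 900),
                        ("192.0.2.10", "203.0.113.5", 20)]:
        f = _frame(src, dst, n)
        out += _block(6, struct.pack("<IIIII", 0, 0, 0, len(f), len(f)) + f)
    return out

if __name__ == "__main__":
    for row in ipv4_conversations(sample_capture()):
        print(*row)
```

Sorting by byte count puts the heaviest talkers first, which is the usual starting point when triaging a capture for an unexpected peer.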
