Photos and videos
9(-_-9) retweeted
28 Nov 2025
Six new challenges have been added to DFIR LABS, focused on complex malware analysis, high-fidelity threat hunting and advanced DFIR investigation. Designed to push your expertise.
If you haven’t explored DFIR LABS yet, now is the time!
github.com/Azr43lKn1ght/DFIR…
3
10
757
9(-_-9) retweeted
20 Jul 2025
New insane challenge: Android FBE-encrypted disk - extract masterkeys from cold booted kernel memory, decrypt userdata, analyze post-exploitation artifacts, C2 activity, and ransomware analysis.
If you haven’t explored DFIR LABS yet, now is the time!
github.com/Azr43lKn1ght/DFIR…
41
142
6,073
When stepping into DFIR LABS, don’t miss my latest challenge — Kage no Nazo. Just added, and waiting to be unraveled.
12 Jun 2025
Three insane challenges have been added to DFIR LABS, focused on evidence tampered ransomware recovery, rootkit attack chain, and macOS memory investigations. Designed to push your expertise.
If you haven’t explored DFIR LABS yet,
now is the time!
github.com/Azr43lKn1ght/DFIR…
2
7
643
9(-_-9) retweeted
18 Mar 2025
Introducing VolExoPass - Volatility 3 plugin that extracts potential Exodus Wallet passphrases. It analyzes process VAD to recover passphrases along with their VAD allocation address, passphrase memory location, and PID.
github.com/Azr43lKn1ght/VolE…
#volatility3
15
57
2,937
9(-_-9) retweeted
19 Jan 2025
Introducing DFIR Labs: A 24-challenge series by internationally acclaimed CTF authors, tailored for professionals, researchers and students. Master DFIR, Malware Analysis and Threat Hunting through challenges designed to push your expertise to new heights
github.com/Azr43lKn1ght/DFIR…
6
158
544
38,216
9(-_-9) retweeted
6 Jan 2025
Introducing Rust-ProcHollow: a sophisticated and efficient implementation of process hollowing now in Rust ! Complete with support for Portable Executable (PE) relocation.
github.com/Azr43lKn1ght/Rust…
#Rust #Malware #Maldev #OffensiveRust #Windows
4
26
908
Happy to share that we clinched 1st place at #niteCTF24 this past weekend! 🏆
A big thank you to the organizers #cryptonite for a great event and congratulations to all participating teams.
#teambi0s #CTF
7
47
2,004
9(-_-9) retweeted
5 Dec 2024
Coauthored an article for @SANSInstitute with my friend Abdelrhman on "Analysis of Virtual Address Descriptors" for hunting malwares, ransomware keys, notepad abuse/data recovery and detailed windows internals of a process and its memory structure.
sans.org/blog/the-analysis-o…
2
24
73
4,316
9(-_-9) retweeted
2 Nov 2024
I had fun authoring 3 DFIR challenges for International Cybersecurity Challenge Edition III, Chile which went unsolved at the end of the CTF, 2 Challenges with
@j0hith
@sp3p3x
@mspr75
@hrippix_
and 1 solo.
Also Congratulations Team Europe for the victory #ICC #IC3
2
15
1,304
9(-_-9) retweeted
2 Nov 2024
Just Published a tool to parse Ext4 File System of Android and Linux. it can File System, Superblock, Group Descriptor, inode, xattr, Directory, Blocks, Extent and hashtree informations. Just have to extend parsing journal and decrypting Android FBE.
github.com/Azr43lKn1ght/ext4…
5
24
1,114
A really good post on the basic's of Win Internals and deeper
3 Jun 2024
Delve into Windows Memory Internals! Explore virtual address spaces, process internals and memory models for a deeper understanding of memory forensics & malware analysis! Third post of Malware Development, Analysis and DFIR Series
azr43lkn1ght.github.io/Malwa…
#DFIR #Memoryforensics
1
8
201
9(-_-9) retweeted
7 May 2024
Start from the ground up! Learn the fundamentals of x86 assembly in my latest blog post, where I lay the groundwork for you to become a master of Malware Analysis!
Second post in Malware Development, Analysis and DFIR series out
azr43lkn1ght.github.io/Malwa…
#MalwareAnalysis #DFIR #RE
13
28
1,936
Recruitment for upcoming freshers is now open!
Click here to get started: join.bi0s.in
*Note*: Recruitment is open only to freshers joining Amrita University, Amritapuri.
#recruitment #Cybersecurity #CTF #Security #teambi0s
5
16
38
4,392
9(-_-9) retweeted
17 Apr 2024
Investigating and analyzing various Malwares like rootkit, ransomware, c2 and more. here is our writeup for the fourth challenge in Batman Investigation Series from bi0sctf 2024!
@sp3p3x
@j0hith
@mspr75
blog.bi0s.in/2024/04/17/Fore…
#dfir #malwareanalysis #windows #forensics
2
10
469
9(-_-9) retweeted
17 Apr 2024
A new blog series about Malware Development, Malware Analysis, DFIR focusing on windows. Roadway for DFIR beginner to a Advanced!
azr43lkn1ght.github.io/Malwa…
#dfir #malwareanalysis #incidentresponse #malware #windowsdfir #malwaredevelopment
10
20
1,140
9(-_-9) retweeted
17 Apr 2024
Investigating and analyzing various Malwares like rootkit, ransomware, c2 and more. here is our writeup for the fourth challenge in Batman Investigation Series from bi0sctf 2024!
@sp3p3x @j0hith @mspr75
azr43lkn1ght.github.io/Batma…
#dfir #malwareanalysis
3
16
940
9(-_-9) retweeted
29 Feb 2024
Here's my write-up for the second challenge of Batman Investigation Series in bi0sCTF 2024 blog.bi0s.in/2024/02/27/Fore…
#dfir #malwareanalysis #bi0sctf2024 #blockchainforensics #memoryforensics #macforensics #incidentresponse
1
10
22
2,896
#bi0sctf 2024 has officially ended!
Congrats to the winners:
1. @thehackerscrew1
2. @r3kapig
3. @FlatNetworkOrg
We hope you enjoyed the challenges this edition, and hope to see everyone again for bi0sCTF 2025!
Please do leave your feedback at ctftime.org/event/2117
23
58
13,896
Our DFIR team won first prize in The International Digital Forensics Challenge (DFC) 2023, organized by @KIISC_DFR
@Azr43lKn1ght , @5h4rrK , @sp3p3x and @j0hith were invited to present at the DFRF ceremony in Seoul, South Korea.
Thank you @KIISC_DFR for this opportunity.
3
13
77
3,889