Target Cyber Defense Challenge

Introduction

• University of Texas at Austin
• Computer Science, 2025
• Digital forensics and incident response
• Interned at CrowdStrike

Background

• Assembly (learned ARM, but did go through some x86 on my own)
• Prior CTF experience
• Coding
• Basic tools such as Wireshark
• Programming, data structures, computer architecture, operating systems

Tier 1

• Cryptography / Steganography
• Reverse engineering
• USB forensics
• Cyber threat intelligence

Cryptography

• Beware the Ides of March
• Now You See Me, Now You Don’t
• A Snowy Disposition (challenging)
  • Figuring out which spaces counted (only counted spaces at the end at first)
• Follow the Dotted Line
• A Particular Exchange

What I learned

• Recognizing ciphers / type of steg
• Tools
  • Cyberchef
  • stegsolve (aperisolve/stegonline)
  • stegsnow

Reverse engineering

• A5M (challenging)
• r04c4 (challenging)
• Sc0rf1g (challenging) (HARDEST)
• Yarrr (challenging)
  • Didn’t think I had the flag
• Web2ut3

Bonus

  

What I learned

• x86
• Using decompilers

USB forensics

• Find the Blue Yeti
• Know your Filters!
• Moving Files
• I think this Mouse is Plotting on us?
• Keypress…? Keypressing…? Keep pressing on!

What I learned

• Wireshark
• Scripting

Cyber threat intelligence

• WHOIS responsible for this IP address?
• Don’t sweat the MITRE technique
• ISOlate the domain
• The writers are on Cobalt Strike and this is the best pun I could come up with
• Can I copy your ransomware? Yeah just don’t do it opcode for opcode.

What I learned

• VirusTotal
• Yara
• Learning how to read / doing research
• CLOP
  • MOVEit

Tier 2

• Ransomware aftermath
• Checkpoint 1: “Air-gapped”
• Checkpoint 2: The last easy one for a while
• Checkpoint 3: Infinite monkey theorem
• Checkpoint 4: Call for backup
• Checkpoint 5: Raise the flag.txt (challenging)
  • Padding
• Checkpoint 6: Are we there yet?
• Checkpoint 7: El plan

What I learned

• Cyberchef for simple tasks
  • https://tinyurl.com/cyberchef-target
• Scripting for complex tasks

Future

• IoT Forensics Research
• Malware analysis
• Cryptography
• CTF chall inspo

What I liked

• Story – very applicable
• Tooling
• Collaborative
• Perfect amount of difficulty
  • Beginner friendly
• FUN!!!

Thoughts

• Workshops before event?
• Keep it collaborative

THANK YOU!!! https://www.linkedin.com/in/rebeccahuang3/ https://g0ldf15h.github.io/