The goal of this Digital Forensic Research Workshop challenge is to extract information from a memory dump.

Although the challenge is over, you can still do the challenge with the files posted on the website.

Primary questionsEdit

  • What hidden processes were running on the system, and how were they hidden?
  • What other evidence of the intrusion can be extracted from the memory dumps?
  • Why did "plist.exe" and "fport.exe" not work on the compromised system?
  • Was the intruder specifically seeking Professor Goatboy's research materials?
  • Did the intruder obtain the Professor's research?
  • What computer was the intrusion launched from?
  • Is there any indication of who the intruder might be?

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.