Sherlock

An in-depth Threat Intelligence investigation of the Hack The Box Sherlocks challenge Dream Job-2, focused on malware used by the Lazarus Group during Operation Dream Job. This analysis covers malware lineage, macro-based initial access, payload staging, and defensive detection opportunities

An Android DFIR investigation of the HTB Sherlocks challenge HookFlare, reconstructing an SMS-based phishing attack, malicious app behavior, permission abuse, and encrypted data exfiltration.

An in-depth forensic investigation of a phishing email from the HTB Sherlocks series. We analyze email headers, SPF validation, and a disguised malicious attachment used in a spearphishing attack.