Tags: keylogger python volatility wireshark forensics memory_dump 

**Official writeup**

tl;dr

+ Extract keylogger script from the memory dump.
+ Extract the master key from the packet capture.
+ Reverse the script to get the flag.

Link to writeup: <https://blog.bi0s.in/2020/08/04/Forensics/InCTFi-LOGarithm/>

Author: [stuxn3t](https://twitter.com/_abhiramkumar)
