<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title></title>
    <link>https://b1872f9d.camati-site.pages.dev/</link>
    <description>Recent content on </description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <lastBuildDate>Sun, 19 Apr 2026 17:36:49 -0300</lastBuildDate><atom:link href="https://b1872f9d.camati-site.pages.dev/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Case Study 08 HTB Write-up Holmes 2025 5: The Payload Write-up Challenge</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-08/</link>
      <pubDate>Sun, 19 Apr 2026 17:36:49 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-08/</guid>
      <description>Holmes 2025 5: The Payload Write-up Description This is my write-up for the Sherlock Challenge completed on 04/12 in the HTB challenges. Below are my answers for the challenge and how I got each flag.
Goal Analyze a stealthy malware sample that silently propagates across systems. Your task is to uncover its hidden logic, understand how it maintains persistence, and reveal the secret it’s designed to protect.
Scenario With the malware extracted, Holmes inspects its logic.</description>
    </item>
    
    <item>
      <title>Case Study 07 - HTB Write-up HookFlare Challenge</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-07/</link>
      <pubDate>Sat, 28 Mar 2026 15:12:59 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-07/</guid>
      <description>Introduction In this blog post I will show how I solved the Sherlocks Hijacked challenge in HTB about DFIR and mobile malware (Android).
The description of the challenge is the following:
A S1rBank client reported unauthorized transactions. The victim received an SMS urging a banking app update via a link, which installed a dormant app mimicking the bank’s official version. Once activated, it stole credentials, bypassed 2FA via SMS interception, and exfiltrated data.</description>
    </item>
    
    <item>
      <title>Case Study 06 - HTB Write-up Hijacked Challenge</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-06/</link>
      <pubDate>Sat, 27 Dec 2025 09:19:28 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-06/</guid>
      <description>HackTheBox Hijacked Challenge - Sherlocks forensics Introduction In this blog post I will show how I solved the Sherlocks Hijacked challenge in HTB about DFIR and memory forensics.
The description of the challenge is the following: Happy Grunwald, the CEO of Forela, decided to expand the company&amp;rsquo;s business in Lahore, Pakistan, and brought along his IT Administrator, Alonzo Spire, to help set up the new office and ensure the company&amp;rsquo;s IT infrastructure was running smoothly.</description>
    </item>
    
    <item>
      <title>Case Study 05 - HTB Write-up CrewCrow Challenge</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-05/</link>
      <pubDate>Sat, 27 Sep 2025 20:21:34 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-05/</guid>
      <description>HackTheBox CrewCrow Challenge - Sherlocks forensics Introduction In this blog post I will show how I solved the Sherlocks CrewCrow challenge in HTB about DFIR, cryptography and Zoom app enumeration.
The description of the challenge is the following:
The Cyber Crime Investigation Unit (CCIU) has been tracking a famous cybercriminal organization known as &amp;ldquo;CrewCrow&amp;rdquo; for several years. The group is responsible for numerous high-profile cyber-attacks, targeting financial institutions, government agencies, and private corporations worldwide.</description>
    </item>
    
    <item>
      <title>Case Study 04 - Cyberwarfare between nation-states</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-04/</link>
      <pubDate>Wed, 02 Jul 2025 21:37:18 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-04/</guid>
      <description>Compromising nation-wide infrastructure and the state of the cyberwarfare In a world that is more and more connected and dependent upon core infrastructure, be it an ISP or telecom providers, it becomes critical that this infrastructure is hardened and relevant to any government.
Today we see war coming more and more into cyberspace, since kinetic war that takes place in the real world would mean mutual destruction between the involved parties that hold in their arsenals the infamous weapons of mass destruction (WMD), like nuclear and biological weapons. This is ironically what makes the world live in &amp;ldquo;peace&amp;rdquo;, but it is far from being the complete picture of what is truly happening.</description>
    </item>
    
    <item>
      <title>Case Study 03 - Supply chain attack</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-03/</link>
      <pubDate>Tue, 07 Jan 2025 13:11:03 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-03/</guid>
      <description>Supply chain attack A supply chain attack is a very broad type of cybersecurity attack that continues to get more attention and to be reinvented year after year, usually related to APT groups that infiltrate third-party companies to gain access to even bigger and more critical companies or even governments.
It&amp;rsquo;s also related to other malicious activity to gather information from companies or projects that use third-party packages that are compromised by these bad actors.</description>
    </item>
    
    <item>
      <title>Case Study 02 - VPN</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-02/</link>
      <pubDate>Wed, 02 Oct 2024 10:47:22 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-02/</guid>
      <description>VPN - Virtual Private Network If there is a hot topic in Brazil (as of the date of this post), it is VPN: there have been some problems between Elon Musk&amp;rsquo;s X and the supreme court of Brazil. VPN has been a central topic since it was the preferred method used to bypass the geoblocking of X inside Brazil, allowing its users to continue using the platform even after the ban, but what is VPN in the first place?</description>
    </item>
    
    <item>
      <title>Case Study 01 - Malware analysis</title>
      <link>https://b1872f9d.camati-site.pages.dev/posts/case-study-01/</link>
      <pubDate>Sun, 08 Sep 2024 23:08:50 -0300</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/posts/case-study-01/</guid>
      <description>Malware analysis Since I started to learn about how computers work and how we can program them to do what we want, one thing has caught my attention: the assembly language and the power of reverse engineering. Reverse engineering something and having the knowledge of how it works internally, so we can use this knowledge in our own projects or for our own understanding, is the clear definition of &amp;ldquo;hacking&amp;rdquo; something.</description>
    </item>
    
    <item>
      <title></title>
      <link>https://b1872f9d.camati-site.pages.dev/about/about/</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      
      <guid>https://b1872f9d.camati-site.pages.dev/about/about/</guid>
      <description>About me Hi and welcome to my web blog.
I&amp;rsquo;m Marcelo Camati, a Brazilian cybersecurity engineer by passion, avid Linux power user and cyberpunk theme enthusiast.
This blog is used as my public notes for my study cases, opinions and ideas mainly on cybersecurity, digital privacy and the &amp;ldquo;cyberspace&amp;rdquo; as a whole.
⚠️ Do not take my word for everything I write here. I&amp;rsquo;ll always try to stay true to the facts and provide the source material, but I strongly encourage you to also go after the knowledge and create your own opinion about the subject.</description>
    </item>
    
  </channel>
</rss>
