Volatility (en)

CTF (en)

Analyzing Windows Memory with Volatility3 and Identifying Command History from a WSL bash Process

Using a HeroCTF 2023 challenge as a case study, I analyzed Windows memory with Volatility and extracted command lines from a WSL process.
