Recollection Memory Forensics Challenge


This lab is made by HackTheBox.

Lab Scenario

“A junior member of our security team has been performing research and testing on what we believe to be an old and insecure operating system. We believe it may have been compromised & have managed to retrieve a memory dump of the asset. We want to confirm what actions were carried out by the attacker and if any other assets in our environment might be affected. Please answer the questions below.”

Downloading the Memory Dump / Running on the Cloud Lab

Please visit the lab's official link.

Used Tools


  • To uncompress the lab file (pass: hacktheblue)
  • The lab is FREE at the time of writing this post (if retired, it will be paid and only for VIP users)


In this blog, I briefly notified you about a newly released memory forensics challenge.

~ Cya in the Next One