2390 words
12 minutes
OffSec Echo Response Event
2026-04-02
Events
ctf
/
offsec-events
/
echo-response
/
season-1
/
incident-response
/
forensics
/
writeups
Echo Response Logo

Echo Response β€” OffSec Challenge Solutions πŸ›‘οΈ#

Cyber Realm Β· Season 1 Β· Proving Grounds: The Gauntlet#

Status Challenges Score

Welcome to my solution repository for the OffSec Echo Response cybersecurity challenge series! This repo contains detailed writeups, investigation reports, and solution scripts for each weekly challenge from the β€œProving Grounds: The Gauntlet” event.

πŸ“– About Echo Response#

β€œIn the vast multiverse where magic and cybersecurity intertwine, the OffSec Legends, elite guides and guardians, have long upheld the fragile balance between the Cyber Realms. But now, shadows stir.”

Echo Response is a high-stakes cyber defense simulation featuring escalating scenarios inspired by real-world threats. Each week brings new challenges testing detection, forensics, malware analysis, and incident response skills.

πŸ“‚ Challenge Solutions#

βœ… Week 0 - Tutorial Challenge#

Tutorial Challenge

Status: COMPLETED
Category: Incident Response, Log Analysis, Encoding
Difficulty: Easy

Scenario: Introduction to Echo Response challenge format through Base64 decoding and web server log analysis. Participants decode a cybersecurity awareness poem and identify a path traversal attack targeting SSH private keys.

Key Skills:

  • Base64 encoding/decoding
  • Web server log analysis
  • Path traversal vulnerability detection
  • Security incident investigation
  • Answer format familiarization

Key Findings:

  • Successfully decoded Base64-encoded tutorial message
  • Identified path traversal attack from IP 192.168.1.101
  • Detected SSH private key exfiltration (/home/dave/.ssh/id_rsa)
  • 1,678 bytes exfiltrated with HTTP 200 status (successful attack)

Files:

βœ… Week 1 - ProtoVault Breach#

ProtoVault Breach

Status: COMPLETED
Category: Incident Response, Digital Forensics, OSINT
Difficulty: Beginner

Scenario: A database breach at ProtoVault with ransom demands. Investigation revealed hardcoded credentials, public S3 buckets, and Git history leaks.

Key Skills:

  • Git forensics and artifact recovery
  • ROT13 decoding
  • AWS S3 security analysis
  • Source code security review

Files:

βœ… Week 2 - Stealer’s Shadow#

Stealer's Shadow

Status: COMPLETED
Category: Incident Response, Malware Analysis, Threat Intelligence
Difficulty: Intermediate

Scenario: Data exfiltration incident at Megacorp One (The Etherians). Sophisticated multi-stage attack using blockchain payload delivery, LOLBin abuse, and registry hijacking to steal credentials and sensitive data.

Key Skills:

  • Sysmon log analysis and Windows forensics
  • Blockchain-based payload investigation
  • LOLBin (Living Off the Land Binaries) detection
  • Email and browser artifact forensics
  • C2 infrastructure mapping
  • Credential theft analysis
  • Advanced social engineering techniques

Novel Techniques Discovered:

  • Smart contract payload delivery via Ethereum RPC
  • Fake CAPTCHA social engineering
  • IMEWDBLD.EXE abuse for malware download
  • Registry file association hijacking

Files:

βœ… Week 3 - Quantum Conundrum#

Quantum Conundrum

Status: COMPLETED
Category: Reverse Engineering, Cryptanalysis, Binary Analysis
Difficulty: Insane

Scenario: Break Megacorp Quantum’s β€œunbreakable” and β€œquantum-proof” encryption protecting the Obscuran Key. Reverse-engineer a sophisticated multi-layer cipher, analyze binary code, and decrypt the encrypted vault to extract the hidden flag.

Key Skills:

  • Binary reverse engineering with Ghidra
  • Cryptanalysis and custom cipher breaking
  • Algorithm analysis and reconstruction
  • Bit manipulation and matrix operations
  • Python decryption script development
  • Base64 decoding and data parsing
  • Security vulnerability assessment

Novel Techniques Discovered:

  • 7-layer transformation pipeline (Ring rotation, Add/Subtract constants, Cyclic shifts, Quadrant swaps, Bit-pair swap, Variable rotation)
  • Weak keystream generation via simple arithmetic
  • Hardcoded salt exploitation
  • Matrix-based obfuscation techniques

Files:

βœ… Week 4 - Echo Trail#

Echo Trail

Status: COMPLETED
Category: Incident Response, Cloud Security, Digital Forensics
Difficulty: Intermediate

Scenario: Multi-stage attack against Empathreach (NGO-Hub) involving phishing, MFA bypass, Azure cloud exploitation, and database exfiltration. The adversary seeks the Nullform Key metadata hidden deep within NGO-Hub’s systems.

Key Skills:

  • Email forensics and phishing analysis
  • Network traffic analysis (PCAP)
  • Azure AD log analysis and authentication investigation
  • SMTP protocol analysis
  • Azure Cloud Shell forensics
  • Azure Arc SSH lateral movement detection
  • Database exfiltration analysis
  • Windows Event Log analysis (Sysmon)
  • Multi-source log correlation
  • MITRE ATT&CK threat mapping

Novel Techniques Discovered:

  • Typosquatting domain abuse (mcrosoft.com)
  • Azure MFA bypass patterns
  • Azure Arc SSH for lateral movement
  • Cloud Shell exploitation
  • MariaDB mysqldump for data exfiltration

Files:

βœ… Week 5 - Emerald Anomaly#

Emerald Anomaly

Status: COMPLETED
Category: Incident Response, Malware Analysis, Network Forensics
Difficulty: Hard

Scenario: Supply chain attack against MEGACORPONE through a backdoored Python MCP (Model Context Protocol) server. Sophisticated multi-stage attack using typosquatting, obfuscation, credential exfiltration, and SMTP relay validation to compromise CLIENT14 and steal employee credentials.

Key Skills:

  • Python malware reverse engineering
  • Obfuscation analysis and decoding
  • Typosquatting detection and analysis
  • Sysmon Event ID 22 (DNS Query) analysis
  • PCAP analysis for SMTP authentication
  • Base64 credential decoding
  • Network IOC extraction
  • Multi-stage attack chain reconstruction
  • C2 infrastructure mapping

Novel Techniques Discovered:

  • CRYPTO_SEED character substitution cipher
  • GitHub domain typosquatting (avatars.githubuserc0ntent.com)
  • MCP server supply chain backdoor
  • Dual-infrastructure attack (C2 + SMTP relay)
  • Azure infrastructure EHLO spoofing
  • Keyword-triggered credential exfiltration

Attack Chain:

  1. Backdoored MCP server deployed on CLIENT14
  2. PowerShell commands with β€œpass”/β€œsecurestring” trigger exfiltration
  3. Credentials sent to typosquatted domain (100.43.72.21)
  4. SMTP relay (79.134.64.179) validates stolen credentials
  5. Attacker gains email access for lateral movement

Files:

βœ… Week 6 - Nullform Vault#

Nullform Vault

Status: INVESTIGATION COMPLETE βœ…
Category: Malware Analysis, Reverse Engineering, Digital Forensics
Difficulty: Hard

Scenario: The final confrontation - analyzing Obfuscated_Intent.exe, a sophisticated UPX-packed malware sample designed to exfiltrate sensitive documents. The malware employs anti-debugging checks, ICMP reconnaissance, recursive filesystem scanning, and PowerShell-based HTTP exfiltration to steal office documents and emails. Investigation successfully concluded. All IOCs documented. The Nullform Key has been secured.

Key Skills:

  • UPX unpacking and binary analysis
  • PE file format analysis
  • Anti-debugging technique identification
  • PowerShell obfuscation analysis
  • Hex encoding/decoding
  • Import table analysis (WS2_32.dll, IPHLPAPI.DLL)
  • ICMP protocol analysis
  • HTTP exfiltration detection
  • C runtime function analysis (_wsystem)
  • MITRE ATT&CK technique mapping

Novel Techniques Discovered:

  • UPX packing for binary obfuscation
  • Hex-encoded URL strings in PowerShell commands
  • XOR-encoded file extensions (key 0x7a)
  • ICMP β€œw00t” payload for connectivity verification
  • _wsystem() for PowerShell command execution
  • Invoke-RestMethod PUT for individual file uploads
  • Anti-debugging checks (IsDebuggerPresent, CheckRemoteDebuggerPresent)

Attack Chain:

  1. Execute UPX-packed malware (Obfuscated_Intent.exe)
  2. Perform anti-debugging checks to evade analysis
  3. Send ICMP ping with β€œw00t” payload to verify C2 connectivity (203.0.113.42)
  4. Recursively scan C:\ for target file types (.pdf, .doc, .docx, .xls, .msg)
  5. Construct PowerShell commands with hex-encoded exfiltration URL
  6. Execute _wsystem() to run PowerShell Invoke-RestMethod
  7. Upload files via HTTP PUT to http://203.0.113.42:8000/

Files:

βœ… Week 7 - Codex Circuit#

Codex Circuit

Status: COMPLETED
Category: Network Forensics, Incident Response, PCAP Analysis
Difficulty: Easy

Scenario: At the heart of the Cyber Realms lies the Codex Circuit - the foundation of every permission, boundary, vault, and soulprint. With Voidweaver ready to activate it, a critical alert emerges: confidential MegaCorp documents have surfaced on a public forum. The Security Operations Center suspects internal misuse of Slack collaboration tools.

Challenge Objective: Analyze network traffic (PCAP) to uncover Slack-based data exfiltration, identify the users involved (internal employee and threat actor), determine the timeline of events, and recover the exfiltrated customer data.

Key Skills:

  • PCAP analysis using Scapy
  • Slack API forensics (files.upload, file_shared events)
  • HTTP/HTTPS traffic analysis
  • Timeline reconstruction from packet data
  • User attribution via conversation context
  • File extraction from network captures
  • Excel file parsing and analysis
  • JSON payload analysis
  • Timestamp conversion (Unix to GMT)
  • Insider threat detection

Key Findings:

  • Exfiltrated File: sensitive_customer_list.xls (6,656 bytes, 3 customer records worth $300,000)
  • Internal User: Ava (U09KA40P3F0) shared file at 2025-10-10 11:51:36 GMT
  • Threat Actor: James Brown (U09KRBDV8S1) exfiltrated to rogue workspace
  • Rogue Workspace: secret-ops-workspace.slack.com (Team ID: T09KSNJU27Q)
  • Legitimate Workspace: team-megacorp.slack.com (Team ID: T09KR3R0PFB)
  • Attack Duration: 6 minutes 12 seconds (from internal share to exfiltration)

Attack Chain:

  1. Ava uploads customer list to company_documents channel
  2. File shared to channel members at 11:51:36 GMT
  3. James Brown (legitimate member) downloads file
  4. James Brown uploads same file to rogue workspace at 11:57:48 GMT
  5. Sensitive customer data now exposed on unauthorized Slack workspace

Files:

βœ… Week 8 - Last Ascent#

Last Ascent

Status: COMPLETED
Category: ICS/SCADA Forensics, Incident Response, Privilege Escalation
Difficulty: Insane

Scenario: The final ascent - a critical incident response scenario targeting Megacorp One’s Energy Systems Division. Autonomous wind turbines have been manipulated and taken out of MegaCorp One’s control. The power stabilization layer has been compromised, and the Codex Circuit’s protective perimeter is now vulnerable.

Challenge Objective: Investigate a sophisticated multi-stage attack spanning phishing, kernel exploitation, credential theft, SSH pivoting, and ICS/SCADA manipulation. Reconstruct the complete attack chain from initial access to turbine shutdown.

Key Skills:

  • ICS/SCADA Forensics and Modbus protocol analysis
  • Windows privilege escalation analysis (CVE-2024-35250)
  • SSP DLL credential harvesting detection
  • Sysmon log analysis (78MB+ logs)
  • Browser forensics (Chrome history)
  • SSH key forensics
  • Binary masquerading detection
  • IT-OT convergence attack investigation
  • MITRE ATT&CK technique mapping

Key Findings:

  • Phishing Domain: microsoft-login.com (typosquatting Microsoft)
  • Browser: Chrome 137.0.7151.56
  • Privilege Escalation: CVE-2024-35250 (ks.sys/MSKSSRV kernel vulnerability)
  • Exploit Tool: BitLockerDeviceEncrypton.exe (note typo - masquerading technique!)
  • Credential Harvester: ssp.dll injected into LSASS
  • Captured Credentials: carmen.santos:Qwerty09!
  • Pivot Info: SSH username vyos with router2.privkey
  • Attacker IP: 192.168.1.253 (Router2/VyOS)
  • Impact: All 4 wind turbines forced into 24-hour lockout

Attack Chain:

  1. Phishing via microsoft-login.com β†’ Initial access
  2. BitLockerDeviceEncrypton.exe β†’ CVE-2024-35250 β†’ SYSTEM privileges
  3. ssp.dll β†’ LSASS injection β†’ Credential capture
  4. SSH pivot via router2.privkey β†’ Router2 (192.168.1.253)
  5. MonitorTool.exe exploitation β†’ RESOURCES server compromise
  6. Modbus commands β†’ PLCs (192.168.2.1-192.168.2.4) β†’ Turbine lockout

Files:

🎯 Learning Objectives#

Through these challenges, I’m developing expertise in:

  • Incident Response: Systematic investigation methodologies
  • Digital Forensics: Evidence collection and analysis
  • Malware Analysis: Threat detection and reverse engineering
  • Security Operations: Monitoring, detection, and response
  • Cloud Security: AWS and Azure infrastructure security
  • Python Automation: Security tooling and scripting
  • OSINT Techniques: Open source intelligence gathering
  • Azure Security: Azure AD, Azure Arc, Cloud Shell investigation
  • Email Security: Phishing detection and analysis
  • Network Forensics: PCAP analysis and traffic inspection
  • Reverse Engineering: Binary analysis, decompilation, and obfuscation reversal
  • Cryptanalysis: Breaking custom encryption schemes
  • DNS Security: Typosquatting detection and analysis
  • Log Analysis: Web server log parsing and pattern detection
  • Encoding/Decoding: Base64 and other encoding schemes
  • Web Security: Path traversal and directory traversal attacks
  • Supply Chain Security: Backdoor detection in legitimate software
  • Credential Theft Analysis: Exfiltration detection and prevention
  • ICS/SCADA Security: Modbus protocol analysis, PLC forensics, IT-OT convergence
  • Privilege Escalation: Kernel exploitation analysis, CVE research

πŸ› οΈ Tools & Technologies#

  • Programming: Python, Bash/PowerShell scripting, C/C++ analysis
  • Version Control: Git forensics
  • Cloud: AWS (S3, IAM, Secrets Manager), Azure (Azure AD, Azure Arc, Cloud Shell)
  • Cryptography: Encoding/decoding, cipher analysis, custom algorithm breaking, Base64, ROT13, XOR
  • Security: OWASP practices, security frameworks, MITRE ATT&CK
  • Forensics: Log analysis, artifact recovery, PCAP analysis, Sysmon, Windows Event Logs
  • Network Analysis: Wireshark, Scapy, tcpdump, SMTP protocol analysis, Slack API forensics
  • Email Analysis: SMTP protocol analysis, phishing detection
  • Database: SQL, MySQL/MariaDB forensics
  • Windows: Sysmon, Event Viewer, Windows Event Logs, PowerShell forensics, LSASS analysis
  • Reverse Engineering: Ghidra, Python decompilation, binary analysis, obfuscation reversal, PE analysis
  • Malware Analysis: Static analysis, dynamic analysis, IOC extraction, UPX unpacking, anti-debugging detection
  • DNS: DNS query analysis, typosquatting detection
  • ICS/SCADA: Modbus protocol analysis, PLC forensics, industrial control system security
  • Privilege Escalation: Kernel vulnerability analysis, CVE research, exploit analysis
  • Detection Engineering: Yara rules, Snort rules, Sigma rules
  • Web Security: Path traversal detection, access log analysis, vulnerability assessment

πŸ“Š Progress Tracker#

WeekChallenge NameStatusCategoryDifficulty
0Tutorial Challengeβœ… CompletedLog Analysis/EncodingEasy
1ProtoVault Breachβœ… CompletedForensics/IRBeginner
2Stealer’s Shadowβœ… CompletedMalware/IRIntermediate
3Quantum Conundrumβœ… CompletedReverse Eng/CryptoInsane
4Echo Trailβœ… CompletedCloud/IRIntermediate
5Emerald Anomalyβœ… CompletedMalware/NetworkHard
6Nullform Vaultβœ… CompletedMalware/RE/ForensicsHard
7Codex Circuitβœ… CompletedNetwork/PCAP/IREasy
8Last Ascentβœ… CompletedICS/SCADA/Priv EscInsane

πŸ† Achievements#

  • βœ… Week 0: Mastered challenge format and identified path traversal attack
  • βœ… Week 1: Complete investigation with all questions answered
  • βœ… Week 2: Advanced malware analysis and blockchain-based attack detection
  • βœ… Week 3: Reverse-engineered and broke β€œquantum-proof” encryption system
  • βœ… Week 4: Cloud security incident response and Azure exploitation analysis
  • βœ… Week 5: Decoded obfuscated backdoor and identified dual-infrastructure attack
  • βœ… Week 6: Reverse-engineered UPX-packed malware and documented complete exfiltration chain
  • βœ… Week 7: Analyzed Slack-based data exfiltration and recovered customer data from PCAP
  • βœ… Week 8: ICS/SCADA forensics - traced attack from phishing to turbine shutdown via CVE-2024-35250
  • βœ… Identified 45+ critical security vulnerabilities across eight challenges
  • βœ… Created automated analysis scripts for log parsing and forensics
  • βœ… Documented comprehensive remediation steps
  • βœ… Discovered novel attack techniques:
    • Blockchain payload delivery (Week 2)
    • LOLBin chaining (Week 2)
    • Azure Arc SSH abuse (Week 4)
    • 7-layer cipher obfuscation (Week 3)
    • CRYPTO_SEED obfuscation (Week 5)
    • GitHub typosquatting (Week 5)
    • MCP supply chain backdoor (Week 5)
    • UPX packing + hex-encoded PowerShell exfiltration (Week 6)
    • XOR-encoded file extensions + ICMP β€œw00t” payload (Week 6)
    • Anti-debugging evasion (IsDebuggerPresent/CheckRemoteDebuggerPresent) (Week 6)
    • Slack API forensics for insider threat detection (Week 7)
    • Rogue workspace exfiltration via collaboration tools (Week 7)
    • CVE-2024-35250 kernel exploitation (Week 8)
    • SSP DLL credential harvesting (Week 8)
    • IT-OT pivot via Modbus protocol (Week 8)
  • βœ… Demonstrated expertise in multi-cloud environments (AWS, Azure)
  • βœ… Successfully performed binary reverse engineering and cryptanalysis
  • βœ… Mastered PowerShell-based forensics and log analysis
  • βœ… Developed proficiency in Sysmon event analysis
  • βœ… Advanced PCAP analysis and SMTP protocol forensics
  • βœ… ICS/SCADA attack investigation and Modbus protocol analysis

πŸ“ Repository Structure#

echo-response-offsec-challenge/
β”œβ”€β”€ README.md                          # This file
β”œβ”€β”€ assets/
β”‚   β”œβ”€β”€ echo-response-logo.png         # Repository logo
β”‚   β”œβ”€β”€ tutorial.jpg                   # Week 0 banner
β”‚   β”œβ”€β”€ protovault-breach.jpg          # Week 1 banner
β”‚   β”œβ”€β”€ stealers-shadow.jpg            # Week 2 banner
β”‚   β”œβ”€β”€ quantum-conundrum.jpg          # Week 3 banner
β”‚   β”œβ”€β”€ echo-trail.jpg                 # Week 4 banner
β”‚   β”œβ”€β”€ emerald-anomaly.jpg            # Week 5 banner
β”‚   β”œβ”€β”€ nullform-vault.jpg             # Week 6 banner
β”‚   β”œβ”€β”€ codex-circuit.jpg              # Week 7 banner
β”‚   └── last-ascent.jpg                # Week 8 banner
β”œβ”€β”€ WEEK 0 - Tutorial Challenge/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   β”œβ”€β”€ analyze_tutorial.py            # Analysis script
β”‚   β”œβ”€β”€ access.log                     # Web server logs
β”‚   └── tutorial.txt                   # Base64-encoded message
β”œβ”€β”€ WEEK 1 - ProtoVault Breach/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   └── analyze_leak.py                # Solution script
β”œβ”€β”€ WEEK 2 - Stealer's Shadow/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   β”œβ”€β”€ analyze_attack.py              # Solution script
β”‚   └── log.txt                        # Sysmon event logs
β”œβ”€β”€ WEEK 3 - Quantum Conundrum/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed security assessment
β”‚   β”œβ”€β”€ solve_decrypt.py               # Decryption script
β”‚   └── Understanding_7_Transformations.md  # Transformation analysis
β”œβ”€β”€ WEEK 4 - Echo Trail/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   └── analyze_logs.py                # Azure log parser script
β”œβ”€β”€ WEEK 5 - Emerald Anomaly/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   β”œβ”€β”€ analyze_backdoor.ps1           # PowerShell decoder script
β”‚   └── mcp_backdoor_server.py         # Backdoor source code
β”œβ”€β”€ WEEK 6 - Nullform Vault/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview and Q&A
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Complete forensic investigation
β”‚   β”œβ”€β”€ Obfuscated_Intent.exe          # Malware sample (UPX-packed)
β”‚   β”œβ”€β”€ ioc_report.csv                 # IOCs in CSV format
β”‚   └── ioc_report.md                  # IOCs in Markdown format
β”œβ”€β”€ WEEK 7 - Codex Circuit/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview and Q&A
β”‚   β”œβ”€β”€ INVESTIGATION_REPORT.md        # Detailed forensic analysis
β”‚   β”œβ”€β”€ analyze_slack_exfiltration.py  # PCAP analysis script
β”‚   └── find_exfiltration.py           # Exfiltration detection script
β”œβ”€β”€ WEEK 8 - Last Ascent/
β”‚   β”œβ”€β”€ README.md                      # Challenge overview and Q&A
β”‚   └── INVESTIGATION_REPORT.md        # Complete ICS/SCADA forensic analysis
└── ...

πŸš€ Quick Start#

To explore the solutions:

  1. Clone this repository:

    Terminal window
    git clone https://github.com/umair-aziz025/echo-response-offsec-challenge.git
    cd echo-response-offsec-challenge

  2. Navigate to a specific week:

    Terminal window
    cd "WEEK 0 - Tutorial Challenge"
    # or
    cd "WEEK 1 - ProtoVault Breach"
    # or
    cd "WEEK 2 - Stealer's Shadow"
    # or
    cd "WEEK 3 - Quantum Conundrum"
    # or
    cd "WEEK 4 - Echo Trail"
    # or
    cd "WEEK 5 - Emerald Anomaly"
    # or
    cd "WEEK 6 - Nullform Vault"
    # or
    cd "WEEK 7 - Codex Circuit"
    # or
    cd "WEEK 8 - Last Ascent"

  3. Read the challenge writeup:

    • Check README.md for challenge overview
    • Review INVESTIGATION_REPORT.md for detailed analysis

  4. Run the solution scripts (if applicable):

    Terminal window
    # Python scripts
    python analyze_leak.py
    

    # PowerShell scripts
    .\analyze_backdoor.ps1

πŸ“š Learning Resources#

🀝 Connect#

Umair Aziz

πŸ“„ License#

This repository is for educational purposes only. Challenge scenarios are property of OffSec. Solution writeups and scripts are my own work.

⭐ Star This Repo#

If you find these solutions helpful, please consider giving this repository a star! It helps others discover these resources.

Last Updated: November 26, 2025

β€œWill you uncover the truth before the balance collapses?”

OffSec Echo Response Event
https://ctf-writeups-webb.vercel.app/posts/events-season1-echo-response/
Author
Umair Aziz
Published at
2026-04-02
License
CC BY-NC-SA 4.0
OffSec Events Overview
OffSec Arctic Howl Event
© 2026 Umair Aziz. All Rights Reserved.