Writeup in progress
Currently making the solution for m00nwalk2and the walkthrough will be published here as soon as it's ready.
Check back soon - or follow our latest updates on the homepage- to be notified when the full writeup goes live.
m00nwalk2
Published: April 2, 2026
Want more picoCTF 2019 writeups?
Useful tools for Forensics
- Hex ViewerView text or raw hex bytes as a xxd-style hex dump with byte offset, hex columns, and ASCII sidebar. Highlights printable characters and null bytes.
- Checksum CalculatorCompute CRC32, SHA-1, SHA-256, SHA-384, and SHA-512 hashes for text or uploaded files. Verify against known hashes.
- Base64 & Base32 DecoderDecode Base64 and Base32 strings with auto-detection. Multi-layer mode unwraps nested encodings automatically.
- Hash IdentifierIdentify unknown hash types by length and prefix. Covers MD5, SHA-1, SHA-256, SHA-512, bcrypt, NTLM, and more.
Related reading
- Wireshark and pcap Analysis for CTF ForensicsA hands-on guide to analyzing network packet captures (pcap files) in CTF competitions using Wireshark and tshark: following TCP streams, finding credentials, extracting files, and applying display filters.
- How to Read and Analyze Hex DumpsLearn to read and analyze hex dumps for CTF challenges -- understanding the xxd format, spotting magic bytes, finding hidden strings, and using hex editors to inspect binary files.
What to try next
- ForensicsHard
Invisible WORDs
A Word document conceals data in invisible whitespace steganography between lines. Extract the hidden characters and decode the flag from the document's formatting.
- ForensicsHard
UnforgottenBits
Forensic disk image with IRC logs, steghide BMPs, slack-space data, and two AES decryptions hidden via golden-ratio-base encoding.
- ForensicsHard
SideChannel
Exploit a timing side-channel in a PIN checker: each correct digit takes slightly longer. Recover all 8 digits.
- ForensicsHard
Surfing the Waves
Extract hidden data from an audio file by analyzing its waveform properties. Decode amplitude values, frequency patterns, or sample data to reveal the encoded flag.
- ForensicsHard
Very very very Hidden
Dig through multiple layers of hidden data in a forensic artifact. Combine techniques like steganography, metadata analysis, and file carving to find the deeply buried flag.