Hkboot — 2022

The highlight of HKBoot 2022 was a 6-hour overnight competition called The Ghost Village.

Scenario: A regional logistics firm was breached. The attackers left behind fragmented memory dumps, one corrupted VMDK, and three PCAP files. No logs. No alerts. hkboot 2022

Teams had to:

Only two teams completed all three objectives. The winning solution involved using Volatility 3 with a custom plugin written during the competition—a level of improvisation that defines elite IR talent. The highlight of HKBoot 2022 was a 6-hour

HKBoot 2022 included portable versions of Kaspersky Rescue Disk (2021 engine) and 360 System Repair Toolkit. This allowed technicians to boot into WinPE and clean infected systems without booting the main OS—critical for removing rootkits. Only two teams completed all three objectives

#!/usr/bin/env bash
set -euo pipefail
USB_DEV="$1:-/dev/sdX"
PROJECT_DIR="$(cd "$(dirname "$0")" && pwd)"
OUT_DIR="$PROJECT_DIR/out"
VTOY_VER="1.0.92"
HKBoot 2022 uses a custom GRUB4DOS and GRUB2 hybrid loader. The boot menu typically offers: