Dev Diaries TryHackMe Walkthrough
2026-5-23 08:19:29 Author: infosecwriteups.com

Death Esther

Task 1. Challenge

The room starts with a simple OSINT investigation based around a single domain name. The goal was to track down traces left behind during the development phase and recover information that was never fully removed.

The only thing provided at the start was the domain:

marvenly.com

Since this was an OSINT challenge, I started by looking for exposed subdomains related to the project.

I used the following website to enumerate subdomains:

Merklemap

After searching the domain, I found the development subdomain:

uat-testing.marvenly.com

That answered the first question.

Next, I visited the subdomain directly and started checking the website manually. While looking through the page, I noticed a username inside the footer section.

notvibecoder23

I searched the username on Google and found the matching GitHub profile.

The profile contained a single repository related to the website.

To investigate further, I cloned the repository locally and checked the commit history.

git clone https://github.com/notvibecoder23/marvenly_site/
cd marvenly_site/
git log

Inside the commit logs, I found the developer’s email address:

[email protected]

I also found the reason mentioned for removing the source code from the project.

The project was marked as abandoned due to a payment dispute

The final task was to recover the hidden flag.

Instead of checking the latest files, I reviewed the older commit history on GitHub and inspected previous changes made to the repository.

The flag was visible inside the third commit.

GitHub Commit

The hidden flag was:

THM{g1t_h1st0ry_n3v3r_f0rg3ts}

This room was a good beginner-level OSINT challenge focused on subdomain enumeration, GitHub investigation, and commit history analysis. Even after files are removed, traces often remain publicly accessible through version control history.
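
A repository owner can run the same kind of history review before publishing, to see what earlier commits still expose. The script below is an added example, not code from the original write-up; the function names (audit_history, author_emails, make_demo_repo) and the sample token are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original write-up): audit a repository's full
# history before it is made public. All sample data below is constructed.

# Print "<short-hash> <diff line>" for every line added (+) or removed (-)
# in any commit on any ref whose text matches the extended regex in $2.
audit_history() {
    git -C "$1" log --all --no-color --format='commit %h' -p |
    awk -v pat="$2" '
        /^commit [0-9a-f]+$/  { hash = $2; next }
        /^(---|[+][+][+]) /   { next }            # skip diff file headers
        /^[+-]/ && $0 ~ pat   { print hash, $0 }'
}

# Print each distinct author e-mail stored in commit metadata.
author_emails() {
    git -C "$1" log --all --format='%ae' | sort -u
}

# Build a throwaway repository in which a value is committed and then
# "removed" by a later commit; prints the repository path.
make_demo_repo() {
    dir=$(mktemp -d)
    (
        cd "$dir" && git init -q
        git config user.name  "Example Dev"
        git config user.email "dev@example.invalid"
        git config commit.gpgsign false
        echo "placeholder page" > index.html
        git add . && git commit -q -m "initial page"
        echo "API_TOKEN=EXAMPLE{constructed_value}" > notes.txt
        git add . && git commit -q -m "add dev notes"
        git rm -q notes.txt && git commit -q -m "remove dev notes"
    ) >/dev/null 2>&1
    echo "$dir"
}

# Optional demo: run the script with --demo to audit the constructed repo.
if [ "${1:-}" = "--demo" ]; then
    demo=$(make_demo_repo)
    audit_history "$demo" 'API_TOKEN='
    author_emails "$demo"
    rm -rf "$demo"
fi
```

A hit on a removed (-) line means the value is still stored in an earlier commit: deleting the file in a new commit does not erase it. The value should be rotated, and the history rewritten if the repository is going to be public.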


Article source: https://infosecwriteups.com/dev-diaries-tryhackme-walkthrough-5aa1866de9bf?source=rss----7b722bfd1b8d---4