SEO cards for all posts
Swissky
parent
1696af7e0d
commit
43be6c2039
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: French Croissant - or why you need to lock your computer
|
||||
image: /images/default.jpg
|
||||
---
|
||||
|
||||
Last year the first day of my internship I was given a computer and asked to install and secure it for two days. After that delay anyone can try to attack and compromise my machine, and if so I was welcome to buy some "French Croissants" to the team while the attacker explain his method to get access into your computer the next morning.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: WHID Injector - Tips and Tricks
|
||||
image: /images/default.jpg
|
||||
---
|
||||
|
||||
What is it ? The WHID Injector is USB Key which act as a remote keyboard. Basically it sets up a Wifi Access Point where you can connect and send whatever you want on the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: SIGSEGV1 Writeup - MD Auth
|
||||
image: /images/default.jpg
|
||||
---
|
||||
|
||||
Let's talk about the "MD Auth" challenge, I admit I started with this challenge thinking it would be about "Markdown". I was wrong but it was nonetheless interesting to solve.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: An XSS Story
|
||||
image: /images/default.jpg
|
||||
---
|
||||
|
||||
Last night I stumbled across an XSS in a bug bounty program, this was quite fun to exploit.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: UYBHYS - Sea Monster Attack & Defense CTF
|
||||
image: /images/SeaMonster/SeaMonsterBanner.png
|
||||
---
|
||||
|
||||
Last week-end I teamed up with members from [Aperikube](https://www.aperikube.fr) for an Attack/Defense CTF which took place in Brest - France. In this "small" blog post I will write about this experience, the challenges and our methodology :)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: Ph0wn CTF 2019 - Smart Devices CTF
|
||||
image: /images/Ph0wn/Ph0wnBanner.png
|
||||
---
|
||||
|
||||
Another week another CTF, this time it was the [Ph0wn](https://ph0wn.org) at Sophia Antipolis (France). I teamed up with members from [@Maki](https://twitter.com/maki_mitz), [@iansus](https://twitter.com/iansus), [@MansourCyril](https://twitter.com/MansourCyril) and [@0hax](https://twitter.com/0hax2). We reached the **second place** of this IoT/Hardware CTF.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: DVID - Damn Vulnerable IoT Device
|
||||
image: /images/DVID/bleadvertising.jpg
|
||||
---
|
||||
|
||||
Who ever wanted to learn about Hardware Hacking ? I found this small opensource **IoT hacking** learning board while I was in a security event. It is designed by [@vulcainreo](https://twitter.com/vulcainreo/) and cost around 45€, more than 300 units were shipped around the world.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: HIP19 Writeup - Meet Your Doctor 1,2,3
|
||||
image: /images/HIP19/hip19_wargame.png
|
||||
---
|
||||
|
||||
Last wednesday I was in the Hack In Paris event for the 3rd time. As always there were some great conferences and challenges, and a new competition called "Hacker Jeopardy" which was very fun! During the Wargame I focused my time on Web challenges based on the `graphql` technology which was new to me, you will find below my writeups for the `Meet Your Doctor` challenges.
|
||||
|
|
|
|||
|
|
@ -1,14 +1,14 @@
|
|||
---
|
||||
layout: post
|
||||
title: FCSC - CTF Writeup
|
||||
image: /images/FCSC/2020-fcsc-logo.jpg
|
||||
---
|
||||
|
||||
## FCSC - FRANCE CYBERSECURITY CHALLENGE 2020
|
||||
|
||||
Some writeups of severals web challenges from the [FCSC 2020](https://france-cybersecurity-challenge.fr).
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## Challenges' Writeup
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: STHACK2022 - Catch the bird, a trip from web to IRL
|
||||
image: /images/STHACK2022/sthack2022_post-card.png
|
||||
---
|
||||
|
||||
* Challenge author: ajani
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: Offensive Nim - Auto Obfuscate Strings with Nim's Term-Rewriting Macros
|
||||
image: /images/OffensiveNim/nimlang.png
|
||||
---
|
||||
|
||||
TLDR: Use `nim-strenc`, or read below to discover how to write your own Nim macro.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: DLS 2024 - RedTeam Fails - "Oops my bad I ruined the operation"
|
||||
image: /images/DrinkLoveShare24/rump_redteam_dino-0.jpg
|
||||
---
|
||||
|
||||
Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: Ph0wn CTF 2019 - Flag Digger
|
||||
image: /images/Ph0wn/ph0wn_chip_dip2deep_min.jpg
|
||||
---
|
||||
|
||||
TLDR: It's never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: post
|
||||
title: SSRFmap - Introducing the AXFR module
|
||||
image: /images/SSRFmapAXFR/banner_text.png
|
||||
---
|
||||
|
||||
After reading a great blog post about a CTF challenge where you had to chain several SSRF to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called `axfr` to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey on implementing it.
|
||||
|
|
|
|||
Binary file not shown.
|
After Width: | Height: | Size: 22 KiB |
Loading…
Reference in New Issue