Compare commits

..

No commits in common. "43be6c2039cd6dc77c45b92cac4e7e6b92622992" and "c11a01165dc34683db1646fe8f4eaf285109ffdb" have entirely different histories.

16 changed files with 2 additions and 16 deletions

View File

@ -1,7 +1,6 @@
---
layout: post
title: French Croissant - or why you need to lock your computer
image: /images/default.jpg
---
Last year the first day of my internship I was given a computer and asked to install and secure it for two days. After that delay anyone can try to attack and compromise my machine, and if so I was welcome to buy some "French Croissants" to the team while the attacker explain his method to get access into your computer the next morning.

View File

@ -1,7 +1,6 @@
---
layout: post
title: WHID Injector - Tips and Tricks
image: /images/default.jpg
---
What is it ? The WHID Injector is USB Key which act as a remote keyboard. Basically it sets up a Wifi Access Point where you can connect and send whatever you want on the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more.

View File

@ -1,7 +1,6 @@
---
layout: post
title: SIGSEGV1 Writeup - MD Auth
image: /images/default.jpg
---
Let's talk about the "MD Auth" challenge, I admit I started with this challenge thinking it would be about "Markdown". I was wrong but it was nonetheless interesting to solve.

View File

@ -1,7 +1,6 @@
---
layout: post
title: An XSS Story
image: /images/default.jpg
---
Last night I stumbled across an XSS in a bug bounty program, this was quite fun to exploit.

View File

@ -1,7 +1,6 @@
---
layout: post
title: UYBHYS - Sea Monster Attack & Defense CTF
image: /images/SeaMonster/SeaMonsterBanner.png
---
Last week-end I teamed up with members from [Aperikube](https://www.aperikube.fr) for an Attack/Defense CTF which took place in Brest - France. In this "small" blog post I will write about this experience, the challenges and our methodology :)

View File

@ -1,7 +1,6 @@
---
layout: post
title: Ph0wn CTF 2019 - Smart Devices CTF
image: /images/Ph0wn/Ph0wnBanner.png
---
Another week another CTF, this time it was the [Ph0wn](https://ph0wn.org) at Sophia Antipolis (France). I teamed up with members from [@Maki](https://twitter.com/maki_mitz), [@iansus](https://twitter.com/iansus), [@MansourCyril](https://twitter.com/MansourCyril) and [@0hax](https://twitter.com/0hax2). We reached the **second place** of this IoT/Hardware CTF.

View File

@ -1,7 +1,6 @@
---
layout: post
title: DVID - Damn Vulnerable IoT Device
image: /images/DVID/bleadvertising.jpg
---
Who ever wanted to learn about Hardware Hacking ? I found this small opensource **IoT hacking** learning board while I was in a security event. It is designed by [@vulcainreo](https://twitter.com/vulcainreo/) and cost around 45€, more than 300 units were shipped around the world.

View File

@ -1,7 +1,6 @@
---
layout: post
title: HIP19 Writeup - Meet Your Doctor 1,2,3
image: /images/HIP19/hip19_wargame.png
---
Last wednesday I was in the Hack In Paris event for the 3rd time. As always there were some great conferences and challenges, and a new competition called "Hacker Jeopardy" which was very fun! During the Wargame I focused my time on Web challenges based on the `graphql` technology which was new to me, you will find below my writeups for the `Meet Your Doctor` challenges.

View File

@ -1,14 +1,14 @@
---
layout: post
title: FCSC - CTF Writeup
image: /images/FCSC/2020-fcsc-logo.jpg
---
## FCSC - FRANCE CYBERSECURITY CHALLENGE 2020
Some writeups of severals web challenges from the [FCSC 2020](https://france-cybersecurity-challenge.fr).
![https://www.ssi.gouv.fr/uploads/2020/03/2020-fcsc-logo.jpg](/images/FCSC/2020-fcsc-logo.jpg)
![https://www.ssi.gouv.fr/uploads/2020/03/2020-fcsc-logo.jpg](https://www.ssi.gouv.fr/uploads/2020/03/2020-fcsc-logo.jpg)
## Challenges' Writeup

View File

@ -1,7 +1,6 @@
---
layout: post
title: STHACK2022 - Catch the bird, a trip from web to IRL
image: /images/STHACK2022/sthack2022_post-card.png
---
* Challenge author: ajani

View File

@ -1,7 +1,6 @@
---
layout: post
title: Offensive Nim - Auto Obfuscate Strings with Nim's Term-Rewriting Macros
image: /images/OffensiveNim/nimlang.png
---
TLDR: Use `nim-strenc`, or read below to discover how to write your own Nim macro.

View File

@ -1,7 +1,6 @@
---
layout: post
title: DLS 2024 - RedTeam Fails - "Oops my bad I ruined the operation"
image: /images/DrinkLoveShare24/rump_redteam_dino-0.jpg
---
Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic.

View File

@ -1,7 +1,6 @@
---
layout: post
title: Ph0wn CTF 2019 - Flag Digger
image: /images/Ph0wn/ph0wn_chip_dip2deep_min.jpg
---
TLDR: It's never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it.

View File

@ -1,7 +1,6 @@
---
layout: post
title: SSRFmap - Introducing the AXFR module
image: /images/SSRFmapAXFR/banner_text.png
---
After reading a great blog post about a CTF challenge where you had to chain several SSRF to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called `axfr` to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey on implementing it.

View File

@ -1,7 +1,6 @@
---
layout: post
title: Anatomy of Pokemon glitches
image: /images/PokemonGlitches/pikachu-yellow.png
---
Digging into the anatomy of Pokemon Yellow glitches, or how to impress your school friends during break time.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 22 KiB