The team is composed of 0xBlank, Pezzz and Steels, check the About us section for more informations. On this website you will find articles about :

Our path to pentest/red-team certifications
HackTheBox and CTF writeup
Presentation of homemade tools
Miscellaneous articles

Check out Flop.py Book a central repository of techniques, methodologies, and tools in several categories including Pentest, DFIR, OSINT & more !

Latest articles:

/misc-learning-rust-basics/featured-image.png

🦀 Learning Rust basics - x509 Certificate Parser

Pezzz published on 2023-07-22 included in Miscellaneous

Introduction This article aim to explain Rust basics and how to create a Rust application. I manage to create a certificate parser because it covers a wide range of knowledge like: Control flows ; Managing/Parsing I/O ; Error handling ; and more… I will take as input certificate issued on the Certificate Transparency (CT) system. I am currently learning Rust, I am far from being an expert. I’m writing this article to allow me to go deeper into concepts and I’m open to any improvements and/or advice.

🕵️ HTB-Writeup : ESCAPE

Pezzz published on 2023-07-21 included in HackTheBox

Introduction Welcome to our new HackTheBox write-up! In this article, we will guide you through the steps we took to successfully compromise the targeted machine. Escape is an Medium Windows machine. External Recon Let’s do some recon ! Nmap scan 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 └─$ nmap 10.

🕵️ HTB-Writeup : METATWO

Pezzz published on 2023-07-20 included in HackTheBox

Recon nmap scan 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 └─$ nmap -T5 -Pn -p- -sV -A 10.10.11.186 PORT STATE SERVICE VERSION 21/tcp open ftp | fingerprint-strings: | GenericLines: | 220 ProFTPD Server (Debian) [::ffff:10.10.11.186] | Invalid command: try being more creative |_ Invalid command: try being more creative 22/tcp open ssh OpenSSH 8.

🕵️ HTB-Writeup : INVESTIGATION

Pezzz published on 2023-07-19 included in HackTheBox

Introduction Welcome to our new HackTheBox write-up! In this article, we will guide you through the steps we took to successfully compromise the targeted machine. Investigation is an Medium Linux machine. Recon Let’s do some recon ! Nmap 1 2 3 4 5 6 7 8 9 10 11 12 └─$ nmap 10.129.140.76 -A -Pn -p- -T4 PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.

🕵️ HTB-Writeup : FLIGHT

Pezzz published on 2023-05-09 included in HackTheBox

Recon Nmap scan 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 └─$ nmap 10.10.11.187 -A -Pn -p- -T4 Starting Nmap 7.93 ( https://nmap.org ) at 2023-01-14 00:09 CET Nmap scan report for 10.10.11.187 Host is up (0.023s latency). Not shown: 65516 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open http Apache httpd 2.

/chall-writeup-midnightctf-basicgorev/featured-image.png

🕵️ Midnight Flag CTF : Basic Go Rev

Steels published on 2023-04-16 included in CTF-Challenge

Nous avons eu l’occasion de participer au Midnight Flag CTF qui s’est déroulé dans la nuit du 15 au 16 avril. Ce write-up abordera le challenge Basic Go Rev proposé par Stinky. Le fichier Une fois que nous avons téléchargé et décompressé l’archive zip nous obtenons un fichier nommé main : 1 2 $ file main main: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=Dr3jOcC2drZkbVJK9eeY/aYcRCkAGnayJomBFlmZ9/7DOepaXw66VTewiqSf2c/WR20PqZ8xUmvXwS3-IeR, not stripped Analyse statique Etant donné que mes compétences en reverse sont proches du néant, je fais ce que je sais faire de mieux, c’est à dire un bon gros string sur le binaire :