/images/logo.png

The team is composed of 0xBlank, Pezzz and Steels, check the About us section for more informations. On this website you will find articles about :

  • Our path to pentest/red-team certifications
  • HackTheBox and CTF writeup
  • Presentation of homemade tools
  • Miscellaneous articles

Check out Flop.py Book a central repository of techniques, methodologies, and tools in several categories including Pentest, DFIR, OSINT & more !

Latest articles:

🕵 HTB-Writeup : POISON

Recon nmap x rustscan 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 └─$ rustscan -a 10.10.10.84 -b 10000 -- -A -Pn -sV -T5 .----. .-. .-. .----..---. .----. .---. .--. .-. .-. | {} }| { } |{ {__ {_ _}{ {__ / ___} / {} \ | `| | | .-. \| {_} |.-._} } | | .

🕵 HTB-Writeup : BUFF

Recon rustscan Rustscan is a usefull port scanning tools developed in Rust. It is not an alternative to nmap but a non-negligible improvement. Rustscan can scan all 65k port fastly then, pipe open port on a nmap scans. This allows to speed up the discovery of open ports and to run nmap scan (with scripts) only on open ports. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 └─$ rustscan -t 2000 -b 20000 -a 10.

🕵 HTB-Writeup : DEVEL

Recon nmap 1 2 3 4 5 6 7 8 9 10 11 12 13 14 PORT STATE SERVICE VERSION 21/tcp open ftp Microsoft ftpd | ftp-syst: |_ SYST: Windows_NT | ftp-anon: Anonymous FTP login allowed (FTP code 230) | 03-18-17 02:06AM <DIR> aspnet_client | 03-17-17 05:37PM 689 iisstart.htm |_03-17-17 05:37PM 184946 welcome.png 80/tcp open http Microsoft IIS httpd 7.5 | http-methods: |_ Potentially risky methods: TRACE |_http-server-header: Microsoft-IIS/7.5 |_http-title: IIS7 Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows Windows machine with Microsoft IIS webserver v7.

🕵 HTB-Writeup : SENSE

Recon nmap 1 2 3 4 5 └─$ nmap -timing 5 -Pn -p- 10.10.10.60 PORT STATE SERVICE 80/tcp open http 443/tcp open https Try default pfsense credentials on the login page (https://10.10.10.60/index.php): Admin:pfsense root:pfsense Not working. dirbuster Result of the dirbuster scan We can found a changelog file on https://10[.]10[.]10[.]60/changelog.txt leaking informations on 3 vulnerabilities on the system. Only two have been patched. 1 2 3 4 5 6 7 8 9 10 # Security Changelog ### Issue There was a failure in updating the firewall.

🕵 HTB-Writeup : MIRAI

Recon nmap 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 └─$ nmap -A -timing 5 -p- 10.10.10.48 53/tcp open domain dnsmasq 2.76 | dns-nsid: |_ bind.version: dnsmasq-2.76 80/tcp open http lighttpd 1.4.35 |_http-title: Site doesn't have a title (text/html; charset=UTF-8). |_http-server-header: lighttpd/1.4.35 1240/tcp open upnp Platinum UPnP 1.0.5.13 (UPnP/1.0 DLNADOC/1.50) 32400/tcp open http Plex Media Server httpd |_http-title: Unauthorized | http-auth: | HTTP/1.

🕵 HTB-Writeup : NIBBLES

Recon nmap 1 2 3 4 5 6 7 8 9 10 11 12 nmap -A -sV -Pn 10.10.10.75 PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 c4:f8:ad:e8:f8:04:77:de:cf:15:0d:63:0a:18:7e:49 (RSA) | 256 22:8f:b1:97:bf:0f:17:08:fc:7e:2c:8f:e9:77:3a:48 (ECDSA) |_ 256 e6:ac:27:a3:b5:a9:f1:12:3c:34:a5:5d:5b:eb:3d:e9 (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-title: Site doesn't have a title (text/html). |_http-server-header: Apache/2.4.18 (Ubuntu) Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel We are face of website with an Hello world!