I have applied for the Google Summer of
Code,
2014 edition, a couple of months earlier and I have been accepted!
Therefore, for the next months I will be working on the
OWASP
- OWTF project.
This first post describes the OWTF tool and the project I will have to
implement for August.
Then it explains the few contributions I have been working on since the past
three weeks.
It is the first post from a monthly series that will show my progress on the Automated Ranking System I am implementing.
After spending six months in the Information Systems Security service of the Société Générale, I have got really impressed by how the security was managed!
To be clear, doing security on my free time gave me a pessimist opinion on
security when managed by big companies.
But working with such a service as the ISS one from the SG changed my mind. In
my humble opinion, they are doing excellent job!
Take it as you want of course, I am just a student with no real experience :/
But today I stumbled into such a bad password policy that it blew my mind, in a bad way (sigh).
It has been a long time since I wrote something for my blog. This can been
explained because of the transition between the end of my internship at Société
Générale and the beginning of my semester at my University.
For the first time since a couple of semesters, most of my lectures are
interesting. I have to deal with ARM architectures as well as programing on
WiFi access point (on the OpenWRT firmware).
Moreover, I am applying for the GSoC 2014
edition this
year.
The redaction of my proposal took me some times but I expect good news for my
mentor really soon.
I will give you more information as soon as the official announce is published.
At that time, I will write a few lines concerning the project I am applying for
:)
Anyway, the following post describes the basic mistakes we have made while attending to the CTF for the NdH 2014 prequals.
Good morning fellows!
Since a couple of weeks, I was working on this new version of my blog.
I wasn't fulfil anymore with the previous one. The main problem was the way I
had to write the posts.
In fact, I got annoyed having to use a web interface to edit a post.
Before, I had to write into a html text area, which means with all the
different HTML attributes (p, h1, h2, a, etc.).
But then, I discovered Markdown, or re-discovered it in fact.
First I thought that Markdown was just for fun. I mean that it was more like a good
joke than a real syntax format. It was just too simple to be true.
After a couple of time using it, I just couldn't stop anymore!
I felt like when some friends taught me Latex,
but a thousand times better!
Well, I wrote this version of the blog from scratch. And this post tries to details the main changes.
Bonjour les gens !
The last two days, we have seen Hack.lu's
CTF taking place online.
It was a lot of fun, their IRC channel was really fun, so was their challenges
:)
Last results? 106 over 413 applying teams. Well done HackGyver \o/
Now it's time for the write-up. More precisely, the one on RoboAuth, their 150 points reverse challenge.
The challenge is a binary which asks for two distinct passwords. I salute the
ASCII art :P
Since futex powned ndh2K13 prequals' challenge (crackme200) with a simple
strings command, I will start from the beginning :p