Orange Cyberdefense Switzerland's technical blog
You have been contracted to help COPERNIC Inc spot the light on a potential compromise. It seems that one of their scientists has been spied through a 20 years old malware… And fortunately, Zeus was on your side since the 4 Gb snapshot was carried out at the best possible time to facilitate your analysis.
Continue reading Insomni’hack 2024 – Bash to the Future writeupFor this 2023 edition, i chose to focus on the DoH (DNS Over Https) protocol because it has gained popularity for attackers as a command and control (C2) communication channel for hiding DNS traffic through HTTPS rather than using the traditional DNS tunneling. In this post, i will describe in details how to solve the challenge.
Continue reading Insomni’hack 2023 CTF Teaser – DoH ! writeupIn this forensic challenge, a company has been compromised and their initial investigation led to a suspicious workstation. The CEO was very anxious about a potential exfiltration, and we were provided with a network dump of that workstation in the hope that we would be able to help him make some sweet dreams again.
Continue reading Insomni’hack 2023 – hex-filtrate writeupIt’s was a pleasure this year to meet you at the 2022 edition of our amazing security conference Insomni’hack !
With Splunk collaboration, we come back this year with “Splunk Boss Of The SOC” challenge.
Continue reading Splunk Boss Of The SOC (BOTS) @Insomni’hackThe Apiculture challenges are dedicated to API attacks. The second level basically looks like a webpage dedicated to beehives:
Continue reading Apiculture 2 write-upThe Apiculture challenges are dedicated to API attacks. It is basically a honey’s addict website:
Continue reading Apiculture 1 write-upThe GDBug file is an ELF binary:
Continue reading GDBug write-upFollowing last week-end’s Insomni’hack teaser and popular demand, here is a detailed write-up for my winhttpd challenge, that implemented a custom multi-threaded httpd and was running on the latest version of Windows 10:
Continue reading winhttpd writeup: private heaps pwning on WindowsHere is a write-up for the challenge “vba03-strikeBack”, since none was posted yet on CTFtime.
All the source code for the malware and cookie logger are available on GitHub.
Continue reading Insomni’hack 2018 – vba03-strikeBack writeupFor the 10th Insomni’Hack anniversary, new hacking challenge categories were available during the CTF. They consisted of social engineering, hacking room, and a multiplayer FPS game.
This article will cover several write-ups for this last category. It is a great occasion to understand quickly some basis of modern game hacking.
Continue reading Insomni’Hack 2017 – FPS Write-Ups