I’m Pierre Ceberio and I love infosec.
About Me
23yo, InfoSec Enthusiast, CTF player, passionate about OSINT & Social Engineering.
I studied for 5 years at Ingésup in a bachelor's and master's degree in cybersecurity engineering.
I work as a Security Expert at Excellium and I am co-founder of the CTF Les Pires Hat team. Previously, I worked as a OSINT & Security Analyst at BreacHunt and as a SysOps engineer at Log'in Line.
Latest Work
Burp Suite Certified Practitioner
Certification
Burp Suite Certified Practitioner
After passing all 264 PortSwigger labs (and temporarily reaching 1st place in the Hall of Fame in November 🏆) I'm proud to announce that I've achieved Burp Suite Certified Practitioner (BSCP) certification.
A huge thank you to PortSwigger for making available free comprehensive courses and challenges, exhaustively covering all web security concepts.
I'd also like to thank Excellium Services and Hugo BENOIST for their invaluable support, which has played a decisive role in my learning process.
Postmaniac
OSINT tool
Postmaniac
I just released my osint tool : Postmaniac
Postmaniac is a Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces.
It is designed to perform OSINT recognition on a target for pentesting, bugbounty and more, in order to get the maximum information from the requests left by developers on the Postman public workspaces.
If you want to know more feel free to check the tool on github : https://github.com/boringthegod/postmaniac
Thanks also to Sthack for allowing me to present this new tool in rump :D
One night in the South of France, 2 CTFs won
CTF
One night in the South of France, 2 CTFs won
In the night of March 31 to April 2, took place in the South of France 2 CTFs, one in Aix en Provence, and the other in Avignon, 1 hour away by car.
So we decided with our team Les Pires Hat to go to these 2 events: "A night for Hacker" organized by the students of the CCI of Vaucluse and Hack'Ynov 2023 organized by the students of Aix Ynov.
After hours of challenges, we managed to finish first on these 2 events, each one including more than 25 teams!
Thank you to all the teams present, to the organizers and creators of the challenges and thank you for all the prizes.
How to OSINT for Fun & Profit
Rump
How to OSINT for Fun & Profit
On January 17, a new OSINT-FR meeting took place in Bordeaux. I had the chance to present my rump "How to OSINT for Fun & Profit" and to attend the geoint rump of OSINT_Tactical
My rump was about how only thanks to OSINT it is possible to do bug bounty and thus make money, either on classic Bug Bounty platforms like YesWeHack, or through other more funky platforms.
Thanks to everyone who was able to attend my rump!
SS7 attacks
Research and presentation
Research and presentation on SS7 attacks
I had the chance to work on the subject of SS7 attacks and hacking in telephony, as well as on IMSI catching.
These works were part of our working sessions and presentation of interesting and relevant technical topics with Les Pires Hat.
You can find my slides here
CTF Purple Pill
CTF
CTF Purple Pill
On the night of Friday, September 30th, we went up to Paris to the Cyber Campus of La Défense for the Purple Pill Challenge
After 8 hours of challenges (OSINT, Web, Crypto, Forensic, Reverse, Pwn, Network and Misc), we finished first on 13 teams.
Thank you for the great welcome and the prizes, we will be back with pleasure next year for the new edition.
CTF SecDojo x Ynov Maroc
CTF
CTF SecDojo x Ynov Maroc
On June 30th, we were lucky enough to be able to go to Casablanca to participate in Ynov Morocco and SecDojo's CTF.
After more than 8 hours of challenges (linux box, windows & AD, web, ...), we finish first on 9 teams.
Thanks again for the welcome in Casablanca, for the quality and the realism of the challenges, and for the 1000 euros prize!
European Cyber Cup 2022
Bug Bounty, CTF, Forensic, AI, OSINT, OT, Gaming, Escape Game
European Cyber Cup 2022
Bug Bounty, CTF, Forensic, AI, OSINT, OT, Gaming, Escape Game
This 8th and 9th of June 2022, I was as captain with my team Les Pires Hat for the European Cyber Cup in Lille.
We managed to perform well in several categories, including a first place in Artificial Intelligence, a second place in OSINT and a second place in Forensic.
Congratulations to the 18 teams present and thanks to all the organizers of the challenges, it was for me the second time that I came and I will be there next year!
Wave Game Season 4
Pentest Web, Cloud Architecture, Internal pentest, Forensic / SOC with Splunk
Wave Game Season 4
Pentest Web, Cloud Architecture, Internal pentest, Forensic / SOC with Splunk
Season 4 of the Wave Game, organized by Wavestone, took place over 2 months with 3 one-week challenges (Web Pentest, Cloud Architecture, Internal Pentest) and 1 final Forensic/SoC challenge with Splunk in person at Wavestone for the 5 best teams.
These challenges took place in a realistic and professional context on a fictitious company managing the infrastructure of the Paris Olympic Games.
With my team Les Pires Hat, we finished 1st on the total of the 3 distance events out of more than 42 teams, and 3rd on the final event.
Thanks to the whole organization for this great event, and especially to our coaches Pierre Rosenzweig and Arnaud Goguel.
Mars@Hack 2022
CTF
Mars@Hack 2022
CTF
On May 7th, we went to Mont de Marsan for the CTF Mars@Hack organized by the Air Force, ESD and Yogosha.
With my team Les Pires Hat, we finished 1st overall out of over 41 teams.
Thank you for all the organization, the challenges and all the great prizes we could win!
Midnight Flag 2022
CTF
Midnight Flag 2022
CTF
On the night of April 23-24, 2022, the CTF Midnight Flag "Infektion" was organized by the students of ESNA.
With my team Les Pires Hat, we finished 1st overall out of over 200 teams.
You can find my write up on all the OSINT challenges by : here
Thanks to the organization, the challenge creators and the speakers during the Youtube live!
Toulouse Hacking Convention 2022
Conferences, CTF Hardware & CTF online
Toulouse Hacking Convention 2022
Conferences, CTF Hardware & CTF online
From April 14 to April 17, 2022 took place the Toulouse Hacking Convention in physics at ENAC and ENSEEIHT
I could find there great conferences on 2 days, then a very nice hardware CTF with DVID and finally an online CTF.
On this occasion we were able to stand out with my team "Les Pires Hat" by finishing 13th out of 166 teams.
Thank you to all the organization and to the different sponsors with whom we could exchange.
CTF Capture The Talent
CTF
CTF Capture The Talent
CTF
In this weekend of February took place during 24 hours the CTF Capture The Talent.
🏆Final ranking: 1/52
You can find my write up on all the OSINT challenges by : here
Thanks to Shaun Whorton for organizing the CTF and for the prizes !
MilOsint CTF
CTF
MilOsint CTF
CTF
After a week and a half of competition, I finished the CTF MilOsint in 1st place out of over 65 participants.
This OSINT CTF follows a military narrative exploring the geopolitics and tensions between Ukraine and Russia through 52 geolocation, cryptography, file analysis and forensic, and network challenges.
Thanks to WebNoser for the creation of CTF which you can find here
Orange Cyberdefense inter-school CTF
CTF
Orange Cyberdefense inter-school CTF
CTF
On November 25th, from 2pm to 8pm, the second edition of the Orange Cyberdefense Inter-school CTF took place, on network, web, crypto, osint, reverse and pwn challenges.
With my team Les Pires Hat, we finished in first place out of over 69 teams!
Thanks to the CTF organization and to all the participants
European Cyber Cup
CTF
European Cyber Cup
CTF
I went to Lille with my team Les Pires Hat for the European Cyber Cup taking place on September 8th and 9th in parallel to the FIC
Mixing WEB security, Forensic, OSINT, AI, Bug Bounty challenges and with a gaming evening, we finished 4th out of more than 15 professional and student teams
A big thank you to all the organization, to the challenge creators and to the other participants for these 2 superb days as well as to the people of OSINT-FR that I could meet :)
Barbhack 2021
Cybersecurity conference & CTF
Barbhack 2021
Cybersecurity conference & CTF
We went with my CTF team Les Pires Hat to Toulon on August 28th for the annual Barbhack conference!
On the menu, there were great and interesting conferences, a good part of the French infosec community and a meeting at the bar, feet in the sand, with the OSINT-FR community.
We were then able to challenge ourselves all night long on the CTF of the barbhack with about twenty other teams including a majority of professional teams (Synacktiv, Sogeti, ...) and we finished 11th on 24 teams =)
Wave Game Season 3
Pentest, Forensic, SOC, Cloud Architecture
Wave Game Season 3
Pentest, Forensic, SOC, Cloud Architecture
Season 3 of the Wave Game, organized by Wavestone, took place during 2 months with 4 tests (Pentest, Forensic, SOC, Cloud Architecture) in a realistic context on a fictional company.
With my team Les Pires Hat, we finished 4th out of 39 teams.
Thanks again to our coach Benjamin Veil and to all the organization of Wavestone, we say see you next year for the next season ;)
Save the World by Orange
CTF
Save the World by Orange
CTF
Save the World by Orange also called CTF of the schools, was conceived by the teams of Orange Expert Security and took place on June 17, 2021.
With my team Les Pires Hat, we finished 3rd out of 79 teams.
This CTF addressed a scenario of rescuing a plant under attack by pirates. Despite some infrastructure problems and some challenges, some challenges on the turbine part were very interesting and enjoyable.
YogoshESD CTF
CTF
YogoshESD CTF
CTF
The YogoshESD CTF lasted from June 4 to 6, 2021.
It is a solo type CTF and I finished 3rd class out of 101 participants.
This CTF was very nice with a big focus of the challenges on OSINT. Thanks to all the organization and the creators of the challenges.
HeroCTF v3
CTF
HeroCTF v3
CTF
During the weekend of April 23-25 the HeroCTF v3 took place.
With our team Les Pires Hat, we finished second on more than 500 teams, on the student ranking we finish top 1.
For the occasion, I was able to write a write-up of an OSINT and Social Engineering / Phishing challenge, find the article : here
Despite the DDOS attacks received, the organization was able to respond and keep a quality of service and very good challenges, thank you to them!
Midnight Flag 2021
CTF
Midnight Flag 2021
CTF
On April 10, 2021, ESN'HACK launched the CTF Midnight Flag.
With our team Les Pires Hat, we finished forth out of 114 teams.
For the occasion, I was able to write a write-up of an OSINT test split in 3 parts, find the article : here
Thanks again to all the creators of the challenges and to the whole organization.
OSINT Canberra 2021
CTF
OSINT Canberra 2021
CTF
This CTF mixes exercises of research of person, geolocalization and analysis of web sites related to the city of Canberra in Australia.
With our team BtwWeUseGoogle, we finished third out of 38 teams.
A big thank you to IFLinfosec.
Mars@Hack 2021
CTF
Mars@Hack 2021
CTF
Very happy to have been able to participate in the Capture The Flag challenge organized by the cyber defense squadron of the 118 air base of Mont-de-Marsan.
We finished Top 2 with my teammates Anthony Domingue, Etienne Sellan and Adrien Zoghbi 👌🏻.
A big thank you to the whole organization!
OSINT Trace Labs 2021.02
CTF
OSINT Trace Labs 2021.02
CTF
The Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons
With our team BtwWeUseGoogle we finished 29th out of over 200 teams.
How to hack a company with 11 euros ?
Infosec blog post
How to hack a company with 11 euros ?
Infosec blog post
How can an attacker physically enter your company, exploit your computers with a USB WHID for only 11 euros ?
Enjoy your reading: Click on Me
Reverse-shell & Vagrant
Student project
Reverse-shell & Vagrant
Student project
Realization of a reverse-shell in python with a control from a web interface, and a deployment using vagrant.