I’m Pierre Ceberio and I love infosec.

About Me

23yo, InfoSec Enthusiast, CTF player, passionate about OSINT & Social Engineering.

I studied for 5 years at Ingésup in a bachelor's and master's degree in cybersecurity engineering.

I work as a Security Expert at Excellium and I am co-founder of the CTF Les Pires Hat team. Previously, I worked as a OSINT & Security Analyst at BreacHunt and as a SysOps engineer at Log'in Line.

Latest Work

Voice Cloning & Deep Fake

Research

image

Voice Cloning & Deep Fake

Yesterday, I had the privilege of taking part in the "Rencontres de la Sécurité" organized by Excellium Services .

🎭 On this occasion, I was able to work and run a stand on Deep Fake and Voice Cloning. Participants had the opportunity to enjoy a unique experience: seeing their own heads and voices transformed in real time by that of Christophe Bianco.

The success of our stand testifies to the growing interest in Red Team and AI-based Social Engineering techniques.

image
Burp Suite Certified Practitioner

Certification

image

Burp Suite Certified Practitioner

After passing all 264 PortSwigger labs (and temporarily reaching 1st place in the Hall of Fame in November 🏆) I'm proud to announce that I've achieved Burp Suite Certified Practitioner (BSCP) certification.

A huge thank you to PortSwigger for making available free comprehensive courses and challenges, exhaustively covering all web security concepts.

I'd also like to thank Excellium Services and Hugo BENOIST for their invaluable support, which has played a decisive role in my learning process.

image
Postmaniac

OSINT tool

image

Postmaniac

I just released my osint tool : Postmaniac

Postmaniac is a Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces.

It is designed to perform OSINT recognition on a target for pentesting, bugbounty and more, in order to get the maximum information from the requests left by developers on the Postman public workspaces.

If you want to know more feel free to check the tool on github : https://github.com/boringthegod/postmaniac

Thanks also to Sthack for allowing me to present this new tool in rump :D

image
One night in the South of France, 2 CTFs won

CTF

image

One night in the South of France, 2 CTFs won

In the night of March 31 to April 2, took place in the South of France 2 CTFs, one in Aix en Provence, and the other in Avignon, 1 hour away by car.

So we decided with our team Les Pires Hat to go to these 2 events: "A night for Hacker" organized by the students of the CCI of Vaucluse and Hack'Ynov 2023 organized by the students of Aix Ynov.

After hours of challenges, we managed to finish first on these 2 events, each one including more than 25 teams!

Thank you to all the teams present, to the organizers and creators of the challenges and thank you for all the prizes.

How to OSINT for Fun & Profit

Rump

image

How to OSINT for Fun & Profit

On January 17, a new OSINT-FR meeting took place in Bordeaux. I had the chance to present my rump "How to OSINT for Fun & Profit" and to attend the geoint rump of OSINT_Tactical

My rump was about how only thanks to OSINT it is possible to do bug bounty and thus make money, either on classic Bug Bounty platforms like YesWeHack, or through other more funky platforms.

Thanks to everyone who was able to attend my rump!

SS7 attacks

Research and presentation

image

Research and presentation on SS7 attacks

I had the chance to work on the subject of SS7 attacks and hacking in telephony, as well as on IMSI catching.

These works were part of our working sessions and presentation of interesting and relevant technical topics with Les Pires Hat.

You can find my slides here

CTF Purple Pill

CTF

image

CTF Purple Pill

On the night of Friday, September 30th, we went up to Paris to the Cyber Campus of La Défense for the Purple Pill Challenge

After 8 hours of challenges (OSINT, Web, Crypto, Forensic, Reverse, Pwn, Network and Misc), we finished first on 13 teams.

Thank you for the great welcome and the prizes, we will be back with pleasure next year for the new edition.

CTF SecDojo x Ynov Maroc

CTF

image

CTF SecDojo x Ynov Maroc

On June 30th, we were lucky enough to be able to go to Casablanca to participate in Ynov Morocco and SecDojo's CTF.

After more than 8 hours of challenges (linux box, windows & AD, web, ...), we finish first on 9 teams.

Thanks again for the welcome in Casablanca, for the quality and the realism of the challenges, and for the 1000 euros prize!

European Cyber Cup 2022

Bug Bounty, CTF, Forensic, AI, OSINT, OT, Gaming, Escape Game

image

European Cyber Cup 2022

Bug Bounty, CTF, Forensic, AI, OSINT, OT, Gaming, Escape Game

This 8th and 9th of June 2022, I was as captain with my team Les Pires Hat for the European Cyber Cup in Lille.

We managed to perform well in several categories, including a first place in Artificial Intelligence, a second place in OSINT and a second place in Forensic.

Congratulations to the 18 teams present and thanks to all the organizers of the challenges, it was for me the second time that I came and I will be there next year!

Wave Game Season 4

Pentest Web, Cloud Architecture, Internal pentest, Forensic / SOC with Splunk

image

Wave Game Season 4

Pentest Web, Cloud Architecture, Internal pentest, Forensic / SOC with Splunk

Season 4 of the Wave Game, organized by Wavestone, took place over 2 months with 3 one-week challenges (Web Pentest, Cloud Architecture, Internal Pentest) and 1 final Forensic/SoC challenge with Splunk in person at Wavestone for the 5 best teams.

These challenges took place in a realistic and professional context on a fictitious company managing the infrastructure of the Paris Olympic Games.

With my team Les Pires Hat, we finished 1st on the total of the 3 distance events out of more than 42 teams, and 3rd on the final event.

Thanks to the whole organization for this great event, and especially to our coaches Pierre Rosenzweig and Arnaud Goguel.

Mars@Hack 2022

CTF

image

Mars@Hack 2022

CTF

On May 7th, we went to Mont de Marsan for the CTF Mars@Hack organized by the Air Force, ESD and Yogosha.

With my team Les Pires Hat, we finished 1st overall out of over 41 teams.

Thank you for all the organization, the challenges and all the great prizes we could win!

Midnight Flag 2022

CTF

image

Midnight Flag 2022

CTF

On the night of April 23-24, 2022, the CTF Midnight Flag "Infektion" was organized by the students of ESNA.

With my team Les Pires Hat, we finished 1st overall out of over 200 teams.

You can find my write up on all the OSINT challenges by : here

Thanks to the organization, the challenge creators and the speakers during the Youtube live!

Toulouse Hacking Convention 2022

Conferences, CTF Hardware & CTF online

image

Toulouse Hacking Convention 2022

Conferences, CTF Hardware & CTF online

From April 14 to April 17, 2022 took place the Toulouse Hacking Convention in physics at ENAC and ENSEEIHT

I could find there great conferences on 2 days, then a very nice hardware CTF with DVID and finally an online CTF.

On this occasion we were able to stand out with my team "Les Pires Hat" by finishing 13th out of 166 teams.

Thank you to all the organization and to the different sponsors with whom we could exchange.

CTF Capture The Talent

CTF

image

CTF Capture The Talent

CTF

In this weekend of February took place during 24 hours the CTF Capture The Talent.

🏆Final ranking: 1/52

You can find my write up on all the OSINT challenges by : here

Thanks to Shaun Whorton for organizing the CTF and for the prizes !

MilOsint CTF

CTF

image

MilOsint CTF

CTF

After a week and a half of competition, I finished the CTF MilOsint in 1st place out of over 65 participants.

This OSINT CTF follows a military narrative exploring the geopolitics and tensions between Ukraine and Russia through 52 geolocation, cryptography, file analysis and forensic, and network challenges.

Thanks to WebNoser for the creation of CTF which you can find here

Orange Cyberdefense inter-school CTF

CTF

image

Orange Cyberdefense inter-school CTF

CTF

On November 25th, from 2pm to 8pm, the second edition of the Orange Cyberdefense Inter-school CTF took place, on network, web, crypto, osint, reverse and pwn challenges.

With my team Les Pires Hat, we finished in first place out of over 69 teams!

Thanks to the CTF organization and to all the participants

European Cyber Cup

CTF

image

European Cyber Cup

CTF

I went to Lille with my team Les Pires Hat for the European Cyber Cup taking place on September 8th and 9th in parallel to the FIC

Mixing WEB security, Forensic, OSINT, AI, Bug Bounty challenges and with a gaming evening, we finished 4th out of more than 15 professional and student teams

A big thank you to all the organization, to the challenge creators and to the other participants for these 2 superb days as well as to the people of OSINT-FR that I could meet :)

Barbhack 2021

Cybersecurity conference & CTF

image

Barbhack 2021

Cybersecurity conference & CTF

We went with my CTF team Les Pires Hat to Toulon on August 28th for the annual Barbhack conference!

On the menu, there were great and interesting conferences, a good part of the French infosec community and a meeting at the bar, feet in the sand, with the OSINT-FR community.

We were then able to challenge ourselves all night long on the CTF of the barbhack with about twenty other teams including a majority of professional teams (Synacktiv, Sogeti, ...) and we finished 11th on 24 teams =)

Wave Game Season 3

Pentest, Forensic, SOC, Cloud Architecture

image

Wave Game Season 3

Pentest, Forensic, SOC, Cloud Architecture

Season 3 of the Wave Game, organized by Wavestone, took place during 2 months with 4 tests (Pentest, Forensic, SOC, Cloud Architecture) in a realistic context on a fictional company.

With my team Les Pires Hat, we finished 4th out of 39 teams.

Thanks again to our coach Benjamin Veil and to all the organization of Wavestone, we say see you next year for the next season ;)

Save the World by Orange

CTF

image

Save the World by Orange

CTF

Save the World by Orange also called CTF of the schools, was conceived by the teams of Orange Expert Security and took place on June 17, 2021.

With my team Les Pires Hat, we finished 3rd out of 79 teams.

This CTF addressed a scenario of rescuing a plant under attack by pirates. Despite some infrastructure problems and some challenges, some challenges on the turbine part were very interesting and enjoyable.

YogoshESD CTF

CTF

image

YogoshESD CTF

CTF

The YogoshESD CTF lasted from June 4 to 6, 2021.

It is a solo type CTF and I finished 3rd class out of 101 participants.

This CTF was very nice with a big focus of the challenges on OSINT. Thanks to all the organization and the creators of the challenges.

HeroCTF v3

CTF

image

HeroCTF v3

CTF

During the weekend of April 23-25 the HeroCTF v3 took place.

With our team Les Pires Hat, we finished second on more than 500 teams, on the student ranking we finish top 1.

For the occasion, I was able to write a write-up of an OSINT and Social Engineering / Phishing challenge, find the article : here

Despite the DDOS attacks received, the organization was able to respond and keep a quality of service and very good challenges, thank you to them!

Midnight Flag 2021

CTF

image

Midnight Flag 2021

CTF

On April 10, 2021, ESN'HACK launched the CTF Midnight Flag.

With our team Les Pires Hat, we finished forth out of 114 teams.

For the occasion, I was able to write a write-up of an OSINT test split in 3 parts, find the article : here

Thanks again to all the creators of the challenges and to the whole organization.

OSINT Canberra 2021

CTF

image

OSINT Canberra 2021

CTF

This CTF mixes exercises of research of person, geolocalization and analysis of web sites related to the city of Canberra in Australia.

With our team BtwWeUseGoogle, we finished third out of 38 teams.

A big thank you to IFLinfosec.

Mars@Hack 2021

CTF

image

Mars@Hack 2021

CTF

Very happy to have been able to participate in the Capture The Flag challenge organized by the cyber defense squadron of the 118 air base of Mont-de-Marsan.

We finished Top 2 with my teammates Anthony Domingue, Etienne Sellan and Adrien Zoghbi 👌🏻.

A big thank you to the whole organization!

OSINT Trace Labs 2021.02

CTF

image

OSINT Trace Labs 2021.02

CTF

The Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons

With our team BtwWeUseGoogle we finished 29th out of over 200 teams.

How to hack a company with 11 euros ?

Infosec blog post

image

How to hack a company with 11 euros ?

Infosec blog post

How can an attacker physically enter your company, exploit your computers with a USB WHID for only 11 euros ?

Enjoy your reading: Click on Me

Reverse-shell & Vagrant

Student project

image

Reverse-shell & Vagrant

Student project

Realization of a reverse-shell in python with a control from a web interface, and a deployment using vagrant.

Github repository