How CSCBE’s “Modbusted” challenge came to be

About the CSCBE The Cyber Security Challenge Belgium (CSCBE) is a typical Capture-The-Flag (CTF) competition aimed at students from universities and colleges all over Belgium. All of the CSCBE's challenges are created by security professionals from many different organisations.  The "Modbusted" challenge was created by Jonas B, one of NVISO's employees. First, some statistics about the Modbusted … Continue reading How CSCBE’s “Modbusted” challenge came to be

Intercepting Belgian eID (PKCS#11) traffic with Burp Suite on OS X / Kali / Windows

TL;DR: You can configure Burp to use your PKCS#11 (or Belgian eID) card to set up client-authenticated SSL sessions, which you can then intercept and modify. This blog post shows how you can easily view and modify your own, local traffic.  In order to complete this tutorial, you still need a valid eID card, and the … Continue reading Intercepting Belgian eID (PKCS#11) traffic with Burp Suite on OS X / Kali / Windows