Challenge Idea
They say that “Skidz was born to address the gap between cutting-edge international standards and the current cybersecurity landscape. With a commitment to specialization and deep expertise, we believe that real-world experience is essential to mastering cybersecurity challenges and driving innovation”. That was a great speech, but what if we went deeper and built an OSINT profile on them? Let’s investigate their usernames, team members, motives, and more. Please connect to the underlying socket to begin answering the questions.
Challenge Solution
┌──(kali㉿kali)-[~/Desktop/SkidzDocker]
└─$ nc 127.0.0.1 7834
Connecting...
.
.
/^\ .
/\ "V"
/__\ I O o
//..\\ I .
\].`[/ I
/l\/j\ (] . O
/. ~~ ,\/I .
\\L__j^\/I o
\/--v} I o .
| | I _________
| | I c(` ')o
| l I \. ,/
_/j L l\_! _//^---^\\_ -skidz
[x] Welcome to the Skidz Maze - a challenge where your OSINT skills will be tested to uncover the hidden secrets...
(1/9) How many members were on the Skidz team when they participated in the 2022 "Hack The Boo" competition? Note: Their names may not be the same L0L!!
Answer: 6
Correct!
Upon connecting to the socket using netcat, we can see that the first question asks: How many members were on the Skidz team when they participated in the 2022 "Hack The Boo" competition? Note: Their names may not be the same L0L!!
Based on that, we build a Google dork: "Hack The Boo" "2022" "skidz". It finds nothing.
Editing the same Google dork to be more generic, "Hack The Boo" "2022", returns lots of links, but as a CTF player the place to check team members is CTFtime.
On the CTFtime page for Hack The Boo we can see all the teams that participated in that competition, but searching for skidz displays nothing, just like the first Google dork that had skidz in it.
If we search for sk instead, we get 36 entries. Checking them one by one, we can see that Sk1Ds is very similar to skidz, which fits the note in the question: Their names may not be the same L0L!!
Going to the CTFtime team page (CTFtime.org / Sk1Ds), we can see the team members' names, and their total number is 6.
(2/9) What was the original name of the group Skidz back when they were in university?
Answer: Sk1Ds
Correct!
Going to the second question, What was the original name of the group Skidz back when they were in university?, we can answer it from the information above: Sk1Ds.
(3/9) What CVE did WilDN00B mention on Dec 18, 2024?
Answer: CVE-2024-55968
Correct!
Going to the third question, What CVE did WilDN00B mention on Dec 18, 2024?, we use Sherlock to find any social media accounts that WilDN00B has. Although he has many accounts, one in particular stands out, as it suggests that he is a tech enthusiast and CTF player, possibly sharing related content on GitHub.
Going to https://github.com/WilDN00B we can see that he has a repository related to CTF write-ups. Opening it does not reveal anything, but it is a good indication that we are on the right track.
Based on that, what if we made a Google dork to look for WilDN00B and CVE on the same page? We do that with the dork "WilDN00B" "CVE".
The results include a link to a GitHub repository that mentions both his name and a CVE. Going to https://github.com/null-event/CVE-2024-55968, we can see that WilDN00B is mentioned in the credits section, but I want confirmation that matches the question, which asks what CVE WilDN00B mentioned on Dec 18, 2024.
Based on that, we can search for WilDN00B within GitHub and check any other accounts that may be related. The search returns two accounts: the one we have already discovered, and another one that has a 1 instead of I. So we have https://github.com/WilDN00B and https://github.com/Wi1DN00B. Both match the search because the first account has WilDN00B as its username, while the account we are looking for has WilDN00B as its full name and a username with the 1 instead of I.
Username = your GitHub ID/handle
Display name = your personal/professional name shown to others
By going to https://github.com/Wi1DN00B we can see that the CVE he mentions is the same one we discovered earlier, and checking the commits we can see the date mentioned in the question. The CVE name is CVE-2024-55968.
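The two look-alike matches made by eye so far (skidz against Sk1Ds on CTFtime, WilDN00B against Wi1DN00B on GitHub) can be checked mechanically. The following is an added example, not part of the original write-up or the challenge: it folds look-alike characters to a common "skeleton" and ranks candidate names against a target. The fold table, the function names and the sample team list are assumptions made for the illustration; only Sk1Ds and the two GitHub handles come from the text above.

```python
from difflib import SequenceMatcher

# Look-alike characters folded to one representative letter. The table is an
# assumption made for this example, not an exhaustive confusables list.
FOLD = str.maketrans({"0": "o", "1": "l", "i": "l", "3": "e", "4": "a",
                      "5": "s", "z": "s", "7": "t", "@": "a", "$": "s"})


def skeleton(handle: str) -> str:
    """Lower-case the handle, fold look-alikes, drop separators."""
    folded = handle.lower().translate(FOLD)
    return "".join(ch for ch in folded if ch.isalnum())


def rank_lookalikes(target: str, candidates: list[str], threshold: float = 0.8):
    """Return (candidate, score) pairs, best first.

    Score 1.0 means the skeletons are identical (a pure character swap);
    lower scores come from difflib and catch added or dropped characters.
    """
    want = skeleton(target)
    hits = []
    for name in candidates:
        if name == target:
            continue  # the exact string is not a look-alike
        score = SequenceMatcher(None, want, skeleton(name)).ratio()
        if score >= threshold:
            hits.append((name, round(score, 2)))
    return sorted(hits, key=lambda pair: (-pair[1], pair[0]))


# Constructed sample: names sharing the "sk" prefix, as in the CTFtime search.
# Only "Sk1Ds" comes from the write-up; the rest are made up.
SAMPLE_TEAMS = ["SkyNet", "skidrow", "Sk1Ds", "sk8ers", "Skids_", "skillz"]

if __name__ == "__main__":
    print(rank_lookalikes("skidz", SAMPLE_TEAMS))
    print(rank_lookalikes("WilDN00B", ["Wi1DN00B", "WildBoar"]))
```

The same function run against a list of registered handles shows which variants of your own team or brand name already exist elsewhere.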
(4/9) What is the only commit for which Wi1DN00B provided a description for?
Answer: Create poc.m
Correct!
Going to the fourth question, What is the only commit for which Wi1DN00B provided a description for?, we can answer it from the previous question, as the only commit that had a description was Create poc.m
(5/9) One of WilDN00B's friends wrote an article related to "Web XSS" what is the name of the first tool mentioned in that article?
Answer: Activepieces
Correct!
Going to the fifth question, One of WilDN00B's friends wrote an article related to "Web XSS" what is the name of the first tool mentioned in that article?, this one needs some thought before solving it. When we say friends, it means there is something that connects them, such as a post, mention, follower, comment, following, etc. Based on that, we go back to the previous Sherlock search results. The question says article related to "Web XSS", so it is about technical cyber security content, and we need a platform that is used by technical people and has features such as posts, mentions, followers, comments and followings. Based on that, GitHub is a good fit.
Check who he is following and note their usernames and descriptions. One of them has something related to the web: InfoSec & Web | into breaking stuff
Checking that user's GitHub profile (J0LGER - Overview), we can see that he has a bloghub repository that may contain something related to articles.
Visiting the repository, we can see a website link, J0LGER - Bloghub. After opening it we find a blog post related to Web XSS, XSS on Steroids Gaining Unauthenticated Access, which mentions a tool in the first line called Activepieces
(6/9) Can you confirm the real name of J0LGER? answer as:FirstName_LastName ?
Answer: Majd_Alasfar
Correct!
The sixth question asks: Can you confirm the real name of J0LGER? answer as:FirstName_LastName ?
Based on that, we run a Sherlock search and find a HackerOne account, which fits what we have seen so far of these users' motives.
Going to https://hackerone.com/j0lger?type=user reveals his real name as Majd Alasfar
(7/9) What is the official contact email used by the Skidz team for business inquiries?
Answer: contact@skidz.io
Correct!
The seventh question asks: What is the official contact email used by the Skidz team for business inquiries? We can check that by searching for Skidz and going to the first link, https://skidz.io/. We know this is the correct website because the quote presented in the challenge description also appears on it.
Now we can just check the Contact Us section and read the email address: contact@skidz.io
(8/9) We've identified the real names of two members what are the names of the other two we haven't discovered yet? answer as:(Y)FirstNameLastName_(H)FirstNameLastName !!
Answer: YazanJaber_HamzaAbuAmmar
Correct!
Checking the eighth question: We've identified the real names of two members what are the names of the other two we haven't discovered yet? answer as:(Y)FirstNameLastName_(H)FirstNameLastName !!
On the website found above there are links to LinkedIn and Instagram, which may have pictures or posts that mention the other team members. Opening the LinkedIn account https://www.linkedin.com/company/skidz/about/ and checking the people section, we can see that no co-founder or other managers' names are listed.
Going to Instagram, https://www.instagram.com/skidz.io/, we can see that they have some posts showing people's faces. Let’s check them one by one until we find something useful.
Going to https://www.instagram.com/p/DLfQW2xvJDd/ we can see that Majd, the user we found earlier, appears with two other users, @yazanjaber.99 and @hamzaabuammar, in a post whose text says A special thank you to our amazing team
Now we check each of them by clicking on their Instagram accounts and reading the real names shown there, Yazan Jaber and Hamza AbuAmmar, which gives the formatted answer YazanJaber_HamzaAbuAmmar
(9/9) What is Hamza AbuAmmar's username?
Answer: abuammar
Correct!
The last question asks: What is Hamza AbuAmmar's username?
We can make a Google dork and check the related links. As with the previous user, he is also on HackerOne: going to https://hackerone.com/abuammar/hacktivity?type=user and checking the username section shows abuammar
With that, we have answered all 9 questions and obtained the flag.
Congratulations! You solved all questions!
NCSC{Sk1Ds_Za_B3st_Cyb3rS3c_T3am_H@v3_b33n_Hunt3d_2025}
Challenge Idea
The player must answer 9 questions related to Skidz, investigating social media accounts and analyzing relationships between users through posts, comments, followers, and followings. They’ll also match social media types and extract answers based on real names, team member counts, past usernames, tool names, platform names, associated handles, and full identities. New websites are introduced along the way, namely HackerOne and CTFtime, and matching a username against a full name is demonstrated on GitHub.