EYCC 2025 — OSINT Challenges
Hola! This write-up covers the Egyptian Youth Cybersecurity Competition (EYCC) OSINT challenges that I solved with steps taken to find the flag.
This was my first time exploring OSINT challenges, and I definitely enjoyed them!
First Challenge: Phantom Employee
Our mission was to find the name of a fired employee and check their digital footprint to find the flag.
We were given a link to the company’s website, which had an Our Team page:
There was no clue about the fired employee either on the page itself or in the source code. So I copied the challenge’s link to the WayBack Machine and found an old version of the website that had the fired employee’s name:
Then I searched for this employee’s name across different platforms but initially found nothing. After some digging, I finally found a LinkedIn account with the same name and noticed the flag in the account’s info:
Second Challenge: Shadow Signal
This time, the goal was to track the digital footprint of an employee at a company called TechSecure Inc. to find the flag.
A link to the company’s website was provided. I checked the site and noticed something interesting in the Our Team section:
I searched for this username on different platforms and found an X account belonging to the same employee, which included a posted picture:
I first thought the flag was in the picture, so I tried extracting metadata and checking for steganography but found nothing. At this point, I almost lost hope.
However, in the comment section, I found an old comment from someone named Mark, who was definitely not a contestant since the comment was made before the competition started:
Following that account led me to another picture:
I downloaded this picture and examined it using strings:
strings coffee.jpg | headThe output hinted at a link to check:
After checking the link, I found the flag directly:
That’s it! Don’t forget to check my other write-ups for the Web, Crypto, and Forensics challenges.