My Road to TROOPERS Scholarship! – Part 1

Hello Everyone,

It’s been a while since our last talk. You know, many things happening, a masters degree and a constant dream hunting. I think that the last time we talked, it was about my conclusion in the BlackHat Europe 2016 event, and my first vlog. Now, it is time for a new announcement, and my acquisition of a scholarship for the TROOPERS 17, which happens to be the 10 year anniversary of TROOPERS, which will be awesome, for sure!

For more, go here:

As with BlackHat, TROOPERS gives some scholarships to students around the world, which are interested and involved into the security sector. The competition is big in such events, because you are attending for free, bypassing a big fee that others have to pay, to attend it. For TROOPERS the process is more simple than BlackHat, and you just have to sent a motivation letter. The instructions on the site are as follows:


Troopers is all about training, personal progression, and making the world a safer place. The limited budget of many students should not get in the way of this mission. Hence we offer students the opportunity to submit a short abstract to apply for their free Troopers attendance. As the available seats are limited and there are potentially a high number of students, we apologize if we cannot accept all student applications.

If you want to apply, please send us an abstract about why you in particular should be attending Troopers — keep in mind, you have to convince us! Including:

  • A short personal introduction
  • Current fields of work/degree programs
  • Experiences and activities in the area of IT security
  • Published work/research/white papers/write-ups
  • Expectations for the conference and expected personal progression
  • What you will contribute to TROOPERS

Send this letter to
The deadline for the submission of Student Motivation Letters is January 31st 2017.

I learned about it, in one of my work trips, that a friend of mine mentioned it, and I searched it immediately. I prepared my letter and sent it to the email stated above. My email was the following:


My name is Thomas Sermpinis, and I am a Master’s student from Greece. I am 23 years old, with great passion for Cyber Security, from the age of 12 when I firstly started programming. I am currently studying for my master’s degree in “Informatics and Management” in the Aristotle University of Thessaloniki and I work in the security sector, preparing workshops for Hakin9 media, related to IT security topics. I have started working in this sector by the age of 18, where I worked in the biggest Greek Hacking Magazine, DeltaHacker. I am also, freelance in penetration testing, for an extra income, because of the difficult economic situation of Greece, but of course I really love what I do. Also, I have a personal YouTube channel, that I produce videos related to security, with a big fanbase.

As I wrote, my main field of work these last years, is presenting my knowledge to others, with workshop instructing, and article writing. By this, I have met many people, and acquired many experience in this field. I have also traveled to Germany this last year, for an opportunity in working with a Cyber Security firm, named Auxilium. Continuing, recently I acquired an academic scholarship for BlackHat Europe 2016, which I will attend in November and I hope that I will gain much from it.

Some of the topics that I have researched and presented in various ways are:

  • Penetration Testing with Android Devices (Hakin9, Google Developers Conference)
  • Android Malware Analysis (Hakin9)
  • Web Application Hacking: Data Store Attacks (Hakin9)
  • Penetration Testing with Kali 2.0 (Hakin9, DeltaHacker)

This is only a small part of my work in the security field, in which I want to work and offer my knowledge and experiences. This is also a reason why I want to attend TROOPERS. I want to meet new people, and acquire new knowledge, throughout the exceptional layout of this event. I thing that this is the way to my personal progression, and this is why I am continuously searching for new opportunities that will help me in this matter. Of course, my presence there will not go unnoticed. I want to be active and stand out of the crowd, by participating in competitions and discussions of TROOPERS. Finally, it will be a big and serious opportunity for me, that I will also be able to write about in my blog (cr0wsplace {dot} wordpress {dot} com) and let every reader know about TROOPERS conference and events, which will also be good advertising for you.

I look forward to hearing from you.

Best Regards,
Thomas Sermpinis

I am now selected as one of the scholarship holders, and I will attend the conference and the NGI event on March 20-24th of 2017. I will make a part 2 for the letter of acceptance and the registration process, so stay tuned. 😉


BlackHat Europe 2016 – Epilogue

Hello Everyone,

Here again, after two really succesful days in London. BlackHat Europe ended up with really good fealings, with new friends and contacts, with many presents from the event, and more knowledge.

During my time there, I tried to capture the most importand aspects of the event, to able to constract them in a mini-documentary, that it can pass you the spirit and for you to be able to feel it, despite you weren’t there.

The conclusion of the event is that it was a really good start in the security events for me, and I hope that it is the first of many to come. Finally, I want to tell you that I met Jeff Moss (the founder of BlackHat and DefCon events) in person, and we had a really good talk. His tweet after our talk was the following:


Hope to enjoy my video. Feel free to commend, like, dislike and subscribe to my channel.


Web Application Hacking Course by Cr0wTom

Hello Everyone,

As you already know, because of my early work on Cr0w’s Place, and your support of course, I have the opportunity to work in some of the biggest education providers in the security sector. One of them is Hakin9 Media SP. with whom I am starting a new four week course tomorrow, in the subject of Web Application Hacking, and specifically in DataStore attacks and Advanced SQL Injection. You can find my course here.

My intentions are not to phish for clients. It is a really advanced topic, that not anyone can attend. But if you are up to Security and Hacking and you have some knowledge in SQL Injection, you can find this really helpful.

To continue, I want to tell you that I am preparing a vlog for the upcoming BlackHat event, that I will attend in November. I want to call anyone that will attend too, to communicate me, and scheduled a meeting in the event. I will happy to meet all of you, and present you in my BlackHat videos.

Feel free to contact me with any contact way available. 🙂


Wordlist Creation with CUPP (Mr. Robot)

In this tutorial for Cr0w’s Place we are going to see how to generate a wordlist / dictionary file in Kali Linux, with a different tool, called CUPP. The difference is that this tool uses questions related to the victim, to produce a personalized wordlist for him/her. It is a really useful and effective tool, and it has also been shown in Mr. Robot series.

CUPP is a very powerful tool that creates a wordlist specifically for a person. CUPP is cross platform and written in Python. CUPP asks us questions about the target (name, wife’s name, pet’s name…) and then creates a password based on the keywords we entered.

To install it, go to a folder with a terminal window and type:

git clone

After this, and into the newly created cupp folder, we start the program like this:

  • cupp -i

Parameters are:

  • -h this menu
  • -i Interactive questions for user password profiling
  • -w Use this option to profile existing dictionary, or output to make some pwnsauce 🙂
  • -l Download huge wordlists from repository
  • -a Parse default usernames and passwords directly from Alecto DB. Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.
  • -v Version of the program

If you like my job please Subscribe.

Thank You For Watching.:)


CTF team recruitment!

Hello everyone,

As you already know, I have started to be more active these last years in the field of security. I am not just an enthusiast, but I work and study for this field. The purpose of this post isn’t to present you my resume, but to start something new.

All these years I work alone. I write, test, and learn alone. I have also, compete in some CTFs alone, with random teams, from forums and Reddit. But I want to end this now. I want to create a team, and start to compete, wherever it is possible, develop-learn-share knowledge together, and start something new, that will offer not only to us, but hopefully to everyone.

I don’t know the name, I don’t know how many people we will be, but I want people with passion for the Security sector. Passion for computer hacking, developing, programming, penetration testing etc. I don’t want the guy that studies I.T. and goes to work just to live. Let’s create something extraordinary!

I will be happy to hear and speak with you. I am based in Greece, but I don’t thing that I want to restrict it here, so everyone is welcome. Feel free to ask me anything in any of the contact ways that you may find in this blog.