# ANSSI - Agence Nationale de Securite des Systemes d'Information
**Sector:** Cybersecurity (National Cyber Agency / CIRT)
**Date:** 2026-03-03
**Source:** THOT Domain Intel + Manual Recon

## Domains
| Domain | Status |
|--------|--------|
| `anssi.bf` | UP |

## Hosting & Infrastructure
- **IP:** Unknown (WhatWeb could not resolve — possible CDN or access control)
- **Server:** Not disclosed in headers (no Server header)
- **Title:** "Accueil" (French for "Home")

## Tech Stack
### CMS / Framework
- **Django** (Python web framework) — detected via csrftoken cookie and Django fingerprint
- **jQuery 3.6.0**
- HTML5

### Security Headers (STRONGEST OF ALL BF SITES)
- **HSTS:** max-age=63072000; includeSubDomains; preload (**2 YEARS** — highest seen)
- **X-Frame-Options:** SAMEORIGIN (set twice — belt and suspenders)
- **X-XSS-Protection:** 1; mode=block
- **X-Content-Type-Options:** nosniff
- **Referrer-Policy:** same-origin AND no-referrer-when-downgrade
- **Cross-Origin-Opener-Policy:** same-origin
- **Permissions-Policy:** geolocation=(), microphone=() (explicitly denied)
- **csrftoken cookie:** SameSite=Lax

### Analytics
- No Google Analytics
- No tracking pixels detected

## DNS Records (4 found)
- Minimal DNS footprint

## Subdomains (0 found via brute-force)
- **Zero subdomains** — tightest subdomain posture of ALL analyzed targets

## Emails Discovered (from website content)
- `infos@ssi.gov.bf` — general contact
- `sakman.zongo@ssi.gov.bf` — **named individual** (Sakman Zongo)
- `web.anssi@ssi.gov.bf` — webmaster contact

**Note:** The email domain is `ssi.gov.bf` (not `anssi.bf`), which indicates that the agency's official email runs on gov.bf infrastructure.

## Interesting Findings
- **Django framework** — ONLY non-PHP, non-WordPress site in the entire Burkina Faso government web estate
  - Python/Django is a modern, security-conscious choice
  - This is literally the cybersecurity agency using a different (better) tech stack than everyone else
- **Strongest security headers** of ALL BF sites: 2-year HSTS with preload, COOP (Cross-Origin-Opener-Policy), referrer policy, permissions policy
- **No server header** disclosed — server fingerprint deliberately hidden
- **Zero subdomains** — perfect subdomain discipline
- **IP not resolvable** by WhatWeb — may indicate CDN, access control, or non-standard hosting
- **Named personnel:** Sakman Zongo works at ANSSI (ssi.gov.bf email)
- **csrftoken cookie** — Django's CSRF protection is active
- **Cross-Origin-Opener-Policy** — modern browser isolation enabled (defense against Spectre-class attacks)
- The contrast between ANSSI's security posture and the rest of BF government sites is stark

## Security Assessment
- **BEST security posture** of all analyzed Burkina Faso sites
- Django > WordPress/Joomla/TYPO3 for security baseline
- Zero subdomain exposure
- Modern security headers (COOP, Permissions-Policy)
- No unnecessary information leakage
- The cybersecurity agency practices what it preaches

## TODO
- [ ] Check for Django admin panel (/admin/)
- [ ] Probe for Django REST framework (/api/)
- [ ] Check robots.txt and sitemap.xml
- [ ] Investigate ssi.gov.bf domain
- [ ] Research Sakman Zongo (OSINT on personnel)
- [ ] Shodan/Censys passive lookup
