# Presidence du Faso
**Sector:** Presidency / Head of State
**Date:** 2026-03-03
**Source:** THOT Domain Intel + Manual Recon

## Domains
| Domain | Status |
|--------|--------|
| `presidencedufaso.bf` | UP |
| `www.presidencedufaso.bf` | UP (canonical) |

## Hosting & Infrastructure
- **IP:** 128.65.195.89
- **Country:** SWITZERLAND (Infomaniak hosting)
- **Server:** Apache (version hidden)
- **WHOIS Registrar:** ECODEV INTERNATIONAL (admin contact: `ismael.odg@ecodev.dev`)

## Tech Stack
### CMS / Framework
- **WordPress 6.9.1** (latest branch)
- **WPBakery Page Builder** (drag and drop)
- **LayerSlider 8.2.0** (animations, sliders, popups)
- **Slider Revolution 6.7.38** (responsive sliders)
- **Really Simple Security** plugin (handles HTTPS redirect)

### Frontend / JavaScript
- **jQuery 3.7.1**
- **Bootstrap**
- HTML5, Open Graph Protocol
- YouTube embeds
- Speculation Rules API enabled (modern Chrome feature)

### Security Headers
- **HSTS:** max-age=16000000 (~185 days)
- **PHPSESSID cookie:** Secure, HttpOnly
- **Permissions-Policy:** private-state-token configured for Google, Cloudflare, hCaptcha
- No X-Frame-Options
- No CSP header

### Analytics
- No Google Analytics detected
- No visible tracking pixels

## Interesting Findings
- **Hosted in Switzerland (Infomaniak)** — military junta's presidency website hosted outside Africa, in a neutral Western country
- **ECODEV INTERNATIONAL** registered the domain — ismael.odg@ecodev.dev is the admin
- **WordPress 6.9.1** — relatively current version
- **3 visual plugins** (LayerSlider, Slider Revolution, WPBakery) — two sliders plus a page builder; heavy plugin stack, large attack surface
- **Slider Revolution** has a long history of critical CVEs
- **Really Simple Security** plugin controls HTTP→HTTPS redirect (identified in `x-redirect-by` header)
- **PHPSESSID exposed** — a PHP session cookie is set in responses (flagged Secure and HttpOnly, per the Security Headers section)
- **Permissions-Policy** references Google reCAPTCHA, Cloudflare challenges, and hCaptcha — indicates form protection
- **Only 1 subdomain** found via brute-force (www) — tight subdomain posture

## Emails Discovered
- `ismael.odg@ecodev.dev` (WHOIS admin — ECODEV INTERNATIONAL)
- No emails found via Email Hunter

## Security Notes
- Swiss hosting = outside African legal jurisdiction, harder for regional adversaries to physically access
- WordPress + multiple slider plugins = known vulnerable combo if not patched
- No CDN/WAF detected
- HSTS enabled but max-age could be higher

## TODO
- [ ] Check /wp-admin and /wp-login.php accessibility
- [ ] Enumerate WordPress REST API (/wp-json/)
- [ ] Check /xmlrpc.php
- [ ] robots.txt and sitemap.xml
- [ ] Slider Revolution version check for known CVEs
- [ ] Google dorking: site:presidencedufaso.bf filetype:pdf|doc
