Synacktiv
@synacktiv.com
Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Our ninjas are in Vienna for the T-REX conference!
🎤 @kevintell.bsky.social delivered a session exploring advanced Red Team lateral movement techniques built on DCOM - a great opportunity to exchange practices with fellow experts.
Thank you to the @oenb.at for hosting such a great event!
🎤 @kevintell.bsky.social delivered a session exploring advanced Red Team lateral movement techniques built on DCOM - a great opportunity to exchange practices with fellow experts.
Thank you to the @oenb.at for hosting such a great event!
November 14, 2025 at 3:00 PM
Our ninjas are in Vienna for the T-REX conference!
🎤 @kevintell.bsky.social delivered a session exploring advanced Red Team lateral movement techniques built on DCOM - a great opportunity to exchange practices with fellow experts.
Thank you to the @oenb.at for hosting such a great event!
🎤 @kevintell.bsky.social delivered a session exploring advanced Red Team lateral movement techniques built on DCOM - a great opportunity to exchange practices with fellow experts.
Thank you to the @oenb.at for hosting such a great event!
Check out our new advisory, where @w0rty.bsky.social shows how he managed to take control of an #EticTelecom router, gaining root access 💪
🗞️ www.synacktiv.com/en/advisorie...
🗞️ www.synacktiv.com/en/advisorie...
Etic Telecom IPL-DAC-400-LE - Multiple vulnerabilities
Etic Telecom IPL-DAC-400-LE - Multiple vulnerabilities
www.synacktiv.com
November 13, 2025 at 3:33 PM
Check out our new advisory, where @w0rty.bsky.social shows how he managed to take control of an #EticTelecom router, gaining root access 💪
🗞️ www.synacktiv.com/en/advisorie...
🗞️ www.synacktiv.com/en/advisorie...
Take your embedded systems security skills to the next level 🎯
During this 5-day deep dive, you’ll explore every step of the research and exploitation chain on embedded #Linux systems.
👉 Registration is now open:
www.synacktiv.com/offres/forma...
During this 5-day deep dive, you’ll explore every step of the research and exploitation chain on embedded #Linux systems.
👉 Registration is now open:
www.synacktiv.com/offres/forma...
November 12, 2025 at 10:37 AM
Take your embedded systems security skills to the next level 🎯
During this 5-day deep dive, you’ll explore every step of the research and exploitation chain on embedded #Linux systems.
👉 Registration is now open:
www.synacktiv.com/offres/forma...
During this 5-day deep dive, you’ll explore every step of the research and exploitation chain on embedded #Linux systems.
👉 Registration is now open:
www.synacktiv.com/offres/forma...
Only 7 days to go until the #ECW gets underway!
#Synacktiv is all set and ready to showcase our #cybersecurity expertise.
📍 Do come and visit us at stand 98
#Synacktiv is all set and ready to showcase our #cybersecurity expertise.
📍 Do come and visit us at stand 98
November 10, 2025 at 9:30 AM
Only 7 days to go until the #ECW gets underway!
#Synacktiv is all set and ready to showcase our #cybersecurity expertise.
📍 Do come and visit us at stand 98
#Synacktiv is all set and ready to showcase our #cybersecurity expertise.
📍 Do come and visit us at stand 98
[Blogpost] @croco_byte presents how to exploit attack paths related to Active Directory sites' ACLs.
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
Site Unseen: Enumerating and Attacking Active Directory Sites
Site Unseen: Enumerating and Attacking Active Directory Sites
www.synacktiv.com
November 7, 2025 at 2:15 PM
[Blogpost] @croco_byte presents how to exploit attack paths related to Active Directory sites' ACLs.
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
Thinking about applying to #Synacktiv?
Before sending in your application, take a few minutes to explore our candidate #FAQ.
🎯 Our goal: to help you better understand who we are, how we work, and what we value in future teammates.
👉 Find all the answers here: www.synacktiv.com/faq-recrutem...
Before sending in your application, take a few minutes to explore our candidate #FAQ.
🎯 Our goal: to help you better understand who we are, how we work, and what we value in future teammates.
👉 Find all the answers here: www.synacktiv.com/faq-recrutem...
November 7, 2025 at 8:42 AM
Thinking about applying to #Synacktiv?
Before sending in your application, take a few minutes to explore our candidate #FAQ.
🎯 Our goal: to help you better understand who we are, how we work, and what we value in future teammates.
👉 Find all the answers here: www.synacktiv.com/faq-recrutem...
Before sending in your application, take a few minutes to explore our candidate #FAQ.
🎯 Our goal: to help you better understand who we are, how we work, and what we value in future teammates.
👉 Find all the answers here: www.synacktiv.com/faq-recrutem...
🇫🇷 During "Le Big Bang de l’Économie" by #LeFigaro, @kevintell.bsky.social gave a live pentest demo, showing how easily data can be exposed when systems aren’t properly secured: youtu.be/XVJUF1zt1FE
👉 Watch the whole show: video.lefigaro.fr/figaro/econo...
👉 Watch the whole show: video.lefigaro.fr/figaro/econo...
[Le Big Bang de l’Économie - Le Figaro] Cybersécurité : sommes-nous vraiment prêts ?
YouTube video by Synacktiv
youtu.be
November 6, 2025 at 2:57 PM
🇫🇷 During "Le Big Bang de l’Économie" by #LeFigaro, @kevintell.bsky.social gave a live pentest demo, showing how easily data can be exposed when systems aren’t properly secured: youtu.be/XVJUF1zt1FE
👉 Watch the whole show: video.lefigaro.fr/figaro/econo...
👉 Watch the whole show: video.lefigaro.fr/figaro/econo...
Registration is now open for our upcoming sessions dedicated to forensics, malware analysis, and cloud investigation !
Our expert-led trainings are available in English or French, online or on-site 🎯
👉 Explore the full program and register now: www.synacktiv.com/en/offers/tr...
Our expert-led trainings are available in English or French, online or on-site 🎯
👉 Explore the full program and register now: www.synacktiv.com/en/offers/tr...
November 5, 2025 at 9:13 AM
Registration is now open for our upcoming sessions dedicated to forensics, malware analysis, and cloud investigation !
Our expert-led trainings are available in English or French, online or on-site 🎯
👉 Explore the full program and register now: www.synacktiv.com/en/offers/tr...
Our expert-led trainings are available in English or French, online or on-site 🎯
👉 Explore the full program and register now: www.synacktiv.com/en/offers/tr...
A big shout-out to the #Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork!
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
October 31, 2025 at 3:54 PM
A big shout-out to the #Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork!
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
#REVEL·IO will be exhibiting at #MilipolParis 2025 📢
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
October 31, 2025 at 8:40 AM
#REVEL·IO will be exhibiting at #MilipolParis 2025 📢
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Another busy month with many technical talks from the team! 💪
Links and more details below 👇️
Links and more details below 👇️
October 30, 2025 at 4:26 PM
Another busy month with many technical talks from the team! 💪
Links and more details below 👇️
Links and more details below 👇️
Level up your pentesting skills in 2026 🚀
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Les formations
Synacktiv
www.synacktiv.com
October 30, 2025 at 9:46 AM
Level up your pentesting skills in 2026 🚀
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
In our new article, Maxime Desbrus examines a technique for easily creating a Rust “Two-Face” binary for #Linux:
➡️ in most environments it runs a benign program;
➡️ but on a specific host it launches an entirely different, much more discreet payload.
Read it here 🔗 www.synacktiv.com/en/publicati...
➡️ in most environments it runs a benign program;
➡️ but on a specific host it launches an entirely different, much more discreet payload.
Read it here 🔗 www.synacktiv.com/en/publicati...
Creating a "Two-Face" Rust binary on Linux
Creating a "Two-Face" Rust binary on Linux
www.synacktiv.com
October 30, 2025 at 9:13 AM
In our new article, Maxime Desbrus examines a technique for easily creating a Rust “Two-Face” binary for #Linux:
➡️ in most environments it runs a benign program;
➡️ but on a specific host it launches an entirely different, much more discreet payload.
Read it here 🔗 www.synacktiv.com/en/publicati...
➡️ in most environments it runs a benign program;
➡️ but on a specific host it launches an entirely different, much more discreet payload.
Read it here 🔗 www.synacktiv.com/en/publicati...
@synacktiv.com x #OteriaCyberSchool 🤝
Once again, our ninjas are taking part in designing the entry challenge for #0x41 - the legendary “piscine” (pool) 🏊♂️
🥷 Ready to dive in? Registration is now open: x41.fr
Once again, our ninjas are taking part in designing the entry challenge for #0x41 - the legendary “piscine” (pool) 🏊♂️
🥷 Ready to dive in? Registration is now open: x41.fr
0x41 • Oteria // A new path to cyber vulnerabilities research
Découvrez la formation 0x41 d’Oteria // Deux ans pour devenir expert en recherche de vulnérabilités. Formation reconnue RNCP niveau 7.
x41.fr
October 28, 2025 at 9:14 AM
@synacktiv.com x #OteriaCyberSchool 🤝
Once again, our ninjas are taking part in designing the entry challenge for #0x41 - the legendary “piscine” (pool) 🏊♂️
🥷 Ready to dive in? Registration is now open: x41.fr
Once again, our ninjas are taking part in designing the entry challenge for #0x41 - the legendary “piscine” (pool) 🏊♂️
🥷 Ready to dive in? Registration is now open: x41.fr
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Paint it blue: Attacking the bluetooth stack
Paint it blue: Attacking the bluetooth stack
www.synacktiv.com
October 27, 2025 at 4:02 PM
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Synacktiv at Cyber security Business Convention 🚀
Our teams will be attending #CBC on November 26&27 for two days fully dedicated to #cybersecurity - featuring technical exchanges, feedback sessions, and passionate discussions about the latest developments in the field.
ℹ️ cbc-convention.com
Our teams will be attending #CBC on November 26&27 for two days fully dedicated to #cybersecurity - featuring technical exchanges, feedback sessions, and passionate discussions about the latest developments in the field.
ℹ️ cbc-convention.com
October 27, 2025 at 12:45 PM
Synacktiv at Cyber security Business Convention 🚀
Our teams will be attending #CBC on November 26&27 for two days fully dedicated to #cybersecurity - featuring technical exchanges, feedback sessions, and passionate discussions about the latest developments in the field.
ℹ️ cbc-convention.com
Our teams will be attending #CBC on November 26&27 for two days fully dedicated to #cybersecurity - featuring technical exchanges, feedback sessions, and passionate discussions about the latest developments in the field.
ℹ️ cbc-convention.com
🎓 Synacktiv Training Sessions 2026 are now open!
Looking to take your offensive or defensive cybersecurity skills to the next level?
Our experts deliver hands-on, high-intensity technical training, available on-site or online, in French or English.
More details 👇
www.synacktiv.com/en/offers/tr...
Looking to take your offensive or defensive cybersecurity skills to the next level?
Our experts deliver hands-on, high-intensity technical training, available on-site or online, in French or English.
More details 👇
www.synacktiv.com/en/offers/tr...
Les formations
Synacktiv
www.synacktiv.com
October 23, 2025 at 2:18 PM
🎓 Synacktiv Training Sessions 2026 are now open!
Looking to take your offensive or defensive cybersecurity skills to the next level?
Our experts deliver hands-on, high-intensity technical training, available on-site or online, in French or English.
More details 👇
www.synacktiv.com/en/offers/tr...
Looking to take your offensive or defensive cybersecurity skills to the next level?
Our experts deliver hands-on, high-intensity technical training, available on-site or online, in French or English.
More details 👇
www.synacktiv.com/en/offers/tr...
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
October 23, 2025 at 12:35 PM
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
October 22, 2025 at 3:36 PM
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
October 21, 2025 at 3:32 PM
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
The @synacktiv.com team is live at #Pwn2OwnCork 🇮🇪
This year’s edition is co-sponsored by #Meta, putting the spotlight on WhatsApp - with up to $1,000,000 up for grabs for a 0-click RCE exploit.
Let the challenge begin 🔥
ℹ️ www.zerodayinitiative.com/blog/2025/7/...
This year’s edition is co-sponsored by #Meta, putting the spotlight on WhatsApp - with up to $1,000,000 up for grabs for a 0-click RCE exploit.
Let the challenge begin 🔥
ℹ️ www.zerodayinitiative.com/blog/2025/7/...
Zero Day Initiative — Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target
If you just want to read the rules, you can find them here . Updated on 8/15 to clarify printer target models. Updated on 8/22 to clarify scoping for WhatsApp for Windows. Last year, we moved...
www.zerodayinitiative.com
October 21, 2025 at 3:07 PM
The @synacktiv.com team is live at #Pwn2OwnCork 🇮🇪
This year’s edition is co-sponsored by #Meta, putting the spotlight on WhatsApp - with up to $1,000,000 up for grabs for a 0-click RCE exploit.
Let the challenge begin 🔥
ℹ️ www.zerodayinitiative.com/blog/2025/7/...
This year’s edition is co-sponsored by #Meta, putting the spotlight on WhatsApp - with up to $1,000,000 up for grabs for a 0-click RCE exploit.
Let the challenge begin 🔥
ℹ️ www.zerodayinitiative.com/blog/2025/7/...
European Cyber Week is calling 🇪🇺
From 17th to 20th November 2025, @synacktiv.com will be there for another exciting edition of #ECW.
Don't miss it!
ℹ️ www.european-cyber-week.eu
From 17th to 20th November 2025, @synacktiv.com will be there for another exciting edition of #ECW.
Don't miss it!
ℹ️ www.european-cyber-week.eu
October 20, 2025 at 12:40 PM
European Cyber Week is calling 🇪🇺
From 17th to 20th November 2025, @synacktiv.com will be there for another exciting edition of #ECW.
Don't miss it!
ℹ️ www.european-cyber-week.eu
From 17th to 20th November 2025, @synacktiv.com will be there for another exciting edition of #ECW.
Don't miss it!
ℹ️ www.european-cyber-week.eu
Our post-quantum cryptography series continues!
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
Quantum readiness: Hybridizing key exchanges
Quantum readiness: Hybridizing key exchanges
www.synacktiv.com
October 16, 2025 at 2:49 PM
Our post-quantum cryptography series continues!
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
October 14, 2025 at 2:33 PM
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
🎯 New training session: #ActiveDirectory Intrusion Tactics – Advanced Level
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
October 13, 2025 at 12:41 PM
🎯 New training session: #ActiveDirectory Intrusion Tactics – Advanced Level
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...