Reposted by F4b
Meet our #Synacktiv and @revel-io.bsky.social experts at #Milipol, from Tuesday 18 to Friday 21 November 2025!
📍 Visit us at Stand H063 (Hall 4 – Forensic Zone).
ℹ️ www.milipol.com/fr-FR
📍 Visit us at Stand H063 (Hall 4 – Forensic Zone).
ℹ️ www.milipol.com/fr-FR
The wait is over - #MilipolParis 2025 starts today 🎉
Meet our dream team:
▪️ #REVEL·IO, our mobile device #forensic solution
▪️ @synacktiv.com, leaders in offensive #cybersecurity
Find us at stand H063 (Hall 4 - Forensic Zone) 📍
Meet our dream team:
▪️ #REVEL·IO, our mobile device #forensic solution
▪️ @synacktiv.com, leaders in offensive #cybersecurity
Find us at stand H063 (Hall 4 - Forensic Zone) 📍
November 18, 2025 at 10:08 AM
Meet our #Synacktiv and @revel-io.bsky.social experts at #Milipol, from Tuesday 18 to Friday 21 November 2025!
📍 Visit us at Stand H063 (Hall 4 – Forensic Zone).
ℹ️ www.milipol.com/fr-FR
📍 Visit us at Stand H063 (Hall 4 – Forensic Zone).
ℹ️ www.milipol.com/fr-FR
Reposted by F4b
[Blogpost] @croco_byte presents how to exploit attack paths related to Active Directory sites' ACLs.
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
Site Unseen: Enumerating and Attacking Active Directory Sites
Site Unseen: Enumerating and Attacking Active Directory Sites
www.synacktiv.com
November 7, 2025 at 2:15 PM
[Blogpost] @croco_byte presents how to exploit attack paths related to Active Directory sites' ACLs.
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:
Reposted by F4b
See you at #MilipolParis 2025 👋
📅 November 18-21, 2025
📍 Paris Nord Villepinte - Hall 4, Stand H063 (Forensic Zone)
Meet our experts on site and discover how #REVEL·IO improves the efficiency and reliability of digital investigations
🔗 www.milipol.com/en
📅 November 18-21, 2025
📍 Paris Nord Villepinte - Hall 4, Stand H063 (Forensic Zone)
Meet our experts on site and discover how #REVEL·IO improves the efficiency and reliability of digital investigations
🔗 www.milipol.com/en
November 4, 2025 at 12:27 PM
See you at #MilipolParis 2025 👋
📅 November 18-21, 2025
📍 Paris Nord Villepinte - Hall 4, Stand H063 (Forensic Zone)
Meet our experts on site and discover how #REVEL·IO improves the efficiency and reliability of digital investigations
🔗 www.milipol.com/en
📅 November 18-21, 2025
📍 Paris Nord Villepinte - Hall 4, Stand H063 (Forensic Zone)
Meet our experts on site and discover how #REVEL·IO improves the efficiency and reliability of digital investigations
🔗 www.milipol.com/en
Reposted by F4b
A big shout-out to the #Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork!
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
October 31, 2025 at 3:54 PM
A big shout-out to the #Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork!
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
www.zerodayinitiative.com/blog/2025/20...
Reposted by F4b
#REVEL·IO will be exhibiting at #MilipolParis 2025 📢
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
October 31, 2025 at 8:40 AM
#REVEL·IO will be exhibiting at #MilipolParis 2025 📢
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Developed by @synacktiv.com, REVEL·IO is the first French digital forensics solution designed to help investigators.
📍 Hall 4 - Forensic zone - Stand H063
💡 Learn more about Milipol: www.milipol.com/en
💡 Discover REVEL·IO: revelio.eu
Reposted by F4b
Another busy month with many technical talks from the team! 💪
Links and more details below 👇️
Links and more details below 👇️
October 30, 2025 at 4:26 PM
Another busy month with many technical talks from the team! 💪
Links and more details below 👇️
Links and more details below 👇️
Reposted by F4b
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Paint it blue: Attacking the bluetooth stack
Paint it blue: Attacking the bluetooth stack
www.synacktiv.com
October 27, 2025 at 4:02 PM
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by F4b
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
October 23, 2025 at 12:35 PM
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
Reposted by F4b
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
October 22, 2025 at 3:36 PM
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
Reposted by F4b
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
October 21, 2025 at 3:32 PM
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Reposted by F4b
Our post-quantum cryptography series continues!
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
Quantum readiness: Hybridizing key exchanges
Quantum readiness: Hybridizing key exchanges
www.synacktiv.com
October 16, 2025 at 2:49 PM
Our post-quantum cryptography series continues!
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
This new article by @bluesheeet.bsky.social unpacks the hybridization of key exchanges, covering theory and implementations.
Read all about why it matters, how to approach it safely, and some misconceptions here 👇
www.synacktiv.com/en/publicati...
Reposted by F4b
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
October 14, 2025 at 2:33 PM
LinkPro: new stealthy #Linux rootkit based on eBPF 🔍️
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡
🔗 www.synacktiv.com/en/publicati...
Reposted by F4b
That's a wrap for Hexacon 2025!
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
October 13, 2025 at 2:38 PM
That's a wrap for Hexacon 2025!
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
Reposted by F4b
🎯 New training session: #ActiveDirectory Intrusion Tactics – Advanced Level
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
October 13, 2025 at 12:41 PM
🎯 New training session: #ActiveDirectory Intrusion Tactics – Advanced Level
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
5 intense days diving into advanced AD intrusion techniques.
Don’t miss our upcoming offensive #cybersecurity courses!
🔗 www.synacktiv.com/en/offers/tr...
Reposted by F4b
LLM Poisoning [1/3]: Local LLMs are vulnerable to supply chain attacks.
Inject a trigger-activated Trojan in a LLM. First step, build a probe to read a transformer's pre-down MLP activations to detect your chosen trojan trigger.
🔗 Full article www.synacktiv.com/en/publicati...
Inject a trigger-activated Trojan in a LLM. First step, build a probe to read a transformer's pre-down MLP activations to detect your chosen trojan trigger.
🔗 Full article www.synacktiv.com/en/publicati...
LLM Poisoning [1/3] - Reading the Transformer's Thoughts
LLM Poisoning [1/3] - Reading the Transformer's Thoughts
www.synacktiv.com
October 8, 2025 at 3:52 PM
LLM Poisoning [1/3]: Local LLMs are vulnerable to supply chain attacks.
Inject a trigger-activated Trojan in a LLM. First step, build a probe to read a transformer's pre-down MLP activations to detect your chosen trojan trigger.
🔗 Full article www.synacktiv.com/en/publicati...
Inject a trigger-activated Trojan in a LLM. First step, build a probe to read a transformer's pre-down MLP activations to detect your chosen trojan trigger.
🔗 Full article www.synacktiv.com/en/publicati...
Reposted by F4b
#LesAssises2025, here we go 🚀
Come and meet us at 𝘀𝘁𝗮𝗻𝗱 𝗙𝟮𝟴 to discuss your challenges and find out how we can strengthen your #cyber posture.
Adrien, Augustin and Neder will be on hand to answer all your questions and share their insights.
Seeing you there 🤝
Come and meet us at 𝘀𝘁𝗮𝗻𝗱 𝗙𝟮𝟴 to discuss your challenges and find out how we can strengthen your #cyber posture.
Adrien, Augustin and Neder will be on hand to answer all your questions and share their insights.
Seeing you there 🤝
October 8, 2025 at 10:29 AM
#LesAssises2025, here we go 🚀
Come and meet us at 𝘀𝘁𝗮𝗻𝗱 𝗙𝟮𝟴 to discuss your challenges and find out how we can strengthen your #cyber posture.
Adrien, Augustin and Neder will be on hand to answer all your questions and share their insights.
Seeing you there 🤝
Come and meet us at 𝘀𝘁𝗮𝗻𝗱 𝗙𝟮𝟴 to discuss your challenges and find out how we can strengthen your #cyber posture.
Adrien, Augustin and Neder will be on hand to answer all your questions and share their insights.
Seeing you there 🤝
Reposted by F4b
A look back at our ninjas' first day at @hexacon.bsky.social !
We are proud of our experts Quentin and Etienne, who are leading the ‘iOS for Security Engineers’ training course.
At the same time, Matthieu and Paul are hard at work on the ‘Azure intrusion for red teamers’ training course 🚀
We are proud of our experts Quentin and Etienne, who are leading the ‘iOS for Security Engineers’ training course.
At the same time, Matthieu and Paul are hard at work on the ‘Azure intrusion for red teamers’ training course 🚀
October 7, 2025 at 10:49 AM
A look back at our ninjas' first day at @hexacon.bsky.social !
We are proud of our experts Quentin and Etienne, who are leading the ‘iOS for Security Engineers’ training course.
At the same time, Matthieu and Paul are hard at work on the ‘Azure intrusion for red teamers’ training course 🚀
We are proud of our experts Quentin and Etienne, who are leading the ‘iOS for Security Engineers’ training course.
At the same time, Matthieu and Paul are hard at work on the ‘Azure intrusion for red teamers’ training course 🚀
Reposted by F4b
📢"Paint it Blue: Attacking the Bluetooth stack" by Mehdi Talbi and Etienne Helluy-Lafont
October 3, 2025 at 3:58 PM
📢"Paint it Blue: Attacking the Bluetooth stack" by Mehdi Talbi and Etienne Helluy-Lafont
Reposted by F4b
Tick tock... 7 days to go until #Hexacon2025 kicks off ⏳
The @synacktiv.com team can't wait to see you at this crucial event for the #cyber ecosystem.
Our experts will be on hand to discuss the latest innovations in pentesting and reverse engineering with you !
ℹ️ www.hexacon.fr
The @synacktiv.com team can't wait to see you at this crucial event for the #cyber ecosystem.
Our experts will be on hand to discuss the latest innovations in pentesting and reverse engineering with you !
ℹ️ www.hexacon.fr
Last sponsor to announce: Synacktiv! 🥷
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
October 3, 2025 at 9:22 AM
Tick tock... 7 days to go until #Hexacon2025 kicks off ⏳
The @synacktiv.com team can't wait to see you at this crucial event for the #cyber ecosystem.
Our experts will be on hand to discuss the latest innovations in pentesting and reverse engineering with you !
ℹ️ www.hexacon.fr
The @synacktiv.com team can't wait to see you at this crucial event for the #cyber ecosystem.
Our experts will be on hand to discuss the latest innovations in pentesting and reverse engineering with you !
ℹ️ www.hexacon.fr
Reposted by F4b
In our new blogpost, Alexandre Z. shows how one can abuse Unicode characters to bypass filters and abuse shell globbing, regexp, HTTP query parameters or WAFs when #MySQL strict SQL mode is off 👇
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
What could go wrong when MySQL strict SQL mode is off?
What could go wrong when MySQL strict SQL mode is off?
www.synacktiv.com
October 3, 2025 at 7:45 AM
In our new blogpost, Alexandre Z. shows how one can abuse Unicode characters to bypass filters and abuse shell globbing, regexp, HTTP query parameters or WAFs when #MySQL strict SQL mode is off 👇
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by F4b
Join us on 24 November for the Azure Intrusion Tactics training course 🛡️
Learn offensive techniques for compromising Azure environments. Realistic scenarios, stealthy approaches and cutting-edge expertise.
Information & registration 👇
www.synacktiv.com/en/offers/tr...
Learn offensive techniques for compromising Azure environments. Realistic scenarios, stealthy approaches and cutting-edge expertise.
Information & registration 👇
www.synacktiv.com/en/offers/tr...
October 3, 2025 at 2:26 PM
Join us on 24 November for the Azure Intrusion Tactics training course 🛡️
Learn offensive techniques for compromising Azure environments. Realistic scenarios, stealthy approaches and cutting-edge expertise.
Information & registration 👇
www.synacktiv.com/en/offers/tr...
Learn offensive techniques for compromising Azure environments. Realistic scenarios, stealthy approaches and cutting-edge expertise.
Information & registration 👇
www.synacktiv.com/en/offers/tr...
Reposted by F4b
Last sponsor to announce: Synacktiv! 🥷
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
October 3, 2025 at 8:16 AM
Last sponsor to announce: Synacktiv! 🥷
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
Reposted by F4b
📢"Inside Apple Secure Enclave Processor in 2025" by Quentin Salingue
October 2, 2025 at 3:21 PM
📢"Inside Apple Secure Enclave Processor in 2025" by Quentin Salingue