voydstack
@voydstack.re
Reposted by voydstack
Level up your pentesting skills in 2026 🚀
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Les formations
Synacktiv
www.synacktiv.com
October 30, 2025 at 9:46 AM
Level up your pentesting skills in 2026 🚀
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration : www.synacktiv.com/en/offers/tr...
Reposted by voydstack
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Paint it blue: Attacking the bluetooth stack
Paint it blue: Attacking the bluetooth stack
www.synacktiv.com
October 27, 2025 at 4:02 PM
Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by voydstack
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
October 24, 2025 at 10:49 AM
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
Reposted by voydstack
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
October 23, 2025 at 12:35 PM
🎉 Big win at #Pwn2Own Cork!
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
@pol-y.bsky.social of #Synacktiv successfully breached the @Ubiquiti AI Pro surveillance system 🦈🎶
What a way to wrap up the challenge - congrats, @pol-y.bsky.social 💪
Reposted by voydstack
🎥 Eyes wide shut! David Berard of @synacktiv.com just breached the @Ubiquiti AI Pro surveillance system at #Pwn2Own. He also serenaded us with round of "Baby Shark" played through the speaker. He's off to the disclosure room with an ear worm and the details.
October 23, 2025 at 11:10 AM
🎥 Eyes wide shut! David Berard of @synacktiv.com just breached the @Ubiquiti AI Pro surveillance system at #Pwn2Own. He also serenaded us with round of "Baby Shark" played through the speaker. He's off to the disclosure room with an ear worm and the details.
Reposted by voydstack
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
October 22, 2025 at 3:36 PM
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
Reposted by voydstack
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
October 21, 2025 at 3:32 PM
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Reposted by voydstack
A technical look at @grapheneos.org Hardened Malloc, a memory allocator designed to mitigate heap corruption vulnerabilities (UAF, overflows) and break common exploit primitives.
Deep dive for security researchers & exploit developers by @nicoski.bsky.social
www.synacktiv.com/en/publicati...
Deep dive for security researchers & exploit developers by @nicoski.bsky.social
www.synacktiv.com/en/publicati...
Exploring GrapheneOS secure allocator: Hardened Malloc
Exploring GrapheneOS secure allocator: Hardened Malloc
www.synacktiv.com
September 22, 2025 at 1:41 PM
A technical look at @grapheneos.org Hardened Malloc, a memory allocator designed to mitigate heap corruption vulnerabilities (UAF, overflows) and break common exploit primitives.
Deep dive for security researchers & exploit developers by @nicoski.bsky.social
www.synacktiv.com/en/publicati...
Deep dive for security researchers & exploit developers by @nicoski.bsky.social
www.synacktiv.com/en/publicati...
Reposted by voydstack
🚨 Time to reveal our first-class lineup for HEXACON 2025! ✨
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
Hexacon - Conference – Speakers
Discover the accepted talks for this edition!
www.hexacon.fr
September 12, 2025 at 9:12 AM
🚨 Time to reveal our first-class lineup for HEXACON 2025! ✨
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
Reposted by voydstack
Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris!
Topics:
• Linux memory forensics 🕵️♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)
Topics:
• Linux memory forensics 🕵️♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)
September 10, 2025 at 7:52 PM
Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris!
Topics:
• Linux memory forensics 🕵️♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)
Topics:
• Linux memory forensics 🕵️♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)
Reposted by voydstack
We've just released a tool to decrypt all Synology encrypted archives! We used it to compare SynologyPhotos versions and highlight our #Pwn2Own Ireland 2024 vulnerability on the BeeStation BST150-4T. Check out our blog post for more details.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Extraction of Synology encrypted archives - Pwn2Own Ireland 2024
Context During Pwn2Own Ireland 2024 we targeted the BeeStation BST150-4T a NAS from Synology.
www.synacktiv.com
August 11, 2025 at 12:02 PM
We've just released a tool to decrypt all Synology encrypted archives! We used it to compare SynologyPhotos versions and highlight our #Pwn2Own Ireland 2024 vulnerability on the BeeStation BST150-4T. Check out our blog post for more details.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by voydstack
We’re thrilled to welcoming back @interruptlabs.bsky.social
as an official sponsor of Hexacon!
Interrupt Labs works at the cutting edge of vulnerability research and exploit development and it’s always pleasure having the team on board! 🤗
as an official sponsor of Hexacon!
Interrupt Labs works at the cutting edge of vulnerability research and exploit development and it’s always pleasure having the team on board! 🤗
July 15, 2025 at 11:40 AM
We’re thrilled to welcoming back @interruptlabs.bsky.social
as an official sponsor of Hexacon!
Interrupt Labs works at the cutting edge of vulnerability research and exploit development and it’s always pleasure having the team on board! 🤗
as an official sponsor of Hexacon!
Interrupt Labs works at the cutting edge of vulnerability research and exploit development and it’s always pleasure having the team on board! 🤗
Reposted by voydstack
#ECSC2025 | 🐓 Découvrez la #TeamFrance 2025 !
🇫🇷 Sélectionnés à l'issue du FCSC, les joueurs de la Team France représenteront la drapeau tricolore à Varsovie, en Pologne, dans le cadre de l'European Cybersecurity Challenge.
🔔 RDV en octobre !
PS: #YouAreAllWinners
🇫🇷 Sélectionnés à l'issue du FCSC, les joueurs de la Team France représenteront la drapeau tricolore à Varsovie, en Pologne, dans le cadre de l'European Cybersecurity Challenge.
🔔 RDV en octobre !
PS: #YouAreAllWinners
June 23, 2025 at 12:51 PM
#ECSC2025 | 🐓 Découvrez la #TeamFrance 2025 !
🇫🇷 Sélectionnés à l'issue du FCSC, les joueurs de la Team France représenteront la drapeau tricolore à Varsovie, en Pologne, dans le cadre de l'European Cybersecurity Challenge.
🔔 RDV en octobre !
PS: #YouAreAllWinners
🇫🇷 Sélectionnés à l'issue du FCSC, les joueurs de la Team France représenteront la drapeau tricolore à Varsovie, en Pologne, dans le cadre de l'European Cybersecurity Challenge.
🔔 RDV en octobre !
PS: #YouAreAllWinners
Reposted by voydstack
🚗🔌 We reverse engineered the Tesla Wall Connector and uncovered a previously undocumented attack surface via the charging cable. From protocol analysis to code execution, a Pwn2Own Automotive 2025 exploit write-up.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Exploiting the Tesla Wall connector from its charge port connector
An interesting attack surface Over the past few years, Synacktiv has been analyzing Tesla vehicles for the Pwn2Own competition.
www.synacktiv.com
June 17, 2025 at 2:27 PM
🚗🔌 We reverse engineered the Tesla Wall Connector and uncovered a previously undocumented attack surface via the charging cable. From protocol analysis to code execution, a Pwn2Own Automotive 2025 exploit write-up.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by voydstack
🔔 It is time to buy your HEXACON ticket!
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
June 2, 2025 at 1:59 PM
🔔 It is time to buy your HEXACON ticket!
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
Reposted by voydstack
For the second year in a row, we managed to get first place at the #HackTheBox Business #CTF 2025! 🥇 Congratulations to GMO Cybersecurity and Downscope who complete the podium and thanks to @hackthebox.bsky.social ox.bsky.social for the fun challenges! 🥳
May 28, 2025 at 11:20 AM
For the second year in a row, we managed to get first place at the #HackTheBox Business #CTF 2025! 🥇 Congratulations to GMO Cybersecurity and Downscope who complete the podium and thanks to @hackthebox.bsky.social ox.bsky.social for the fun challenges! 🥳
Reposted by voydstack
📣 Prochain Bière&Sécu Toulouse le mardi 10 juin !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
https://framadate.org/M8dPvbvdQNgL1i…
May 19, 2025 at 8:49 AM
📣 Prochain Bière&Sécu Toulouse le mardi 10 juin !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
Reposted by voydstack
We're proud to announce the release of Binary Ninja 5.0. Here's some highlights: Union Support, Dyld Share Cache & Kernel Cache, Firmware Ninja, Auto Stack Arrays, Stack Structure Type Propagation, and so much more. Check out the blog post for more information: binary.ninja/2025/04/23/5...
April 23, 2025 at 8:06 PM
We're proud to announce the release of Binary Ninja 5.0. Here's some highlights: Union Support, Dyld Share Cache & Kernel Cache, Firmware Ninja, Auto Stack Arrays, Stack Structure Type Propagation, and so much more. Check out the blog post for more information: binary.ninja/2025/04/23/5...
Reposted by voydstack
iOS for Security Engineers
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
April 16, 2025 at 3:40 PM
iOS for Security Engineers
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
Reposted by voydstack
From firmware dumps to wireless exploration — check out our latest dive into DVB receiver analysis and the hidden attack surface it exposes!
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Hack the channel: A Deep Dive into DVB Receiver Security
Introduction During a garage cleaning, we found a DVB receiver and thought it would be a great target for vulnerability research.
www.synacktiv.com
April 9, 2025 at 6:36 AM
From firmware dumps to wireless exploration — check out our latest dive into DVB receiver analysis and the hidden attack surface it exposes!
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by voydstack
Don't forget @bieresecutls.bsky.social on Wednesday 9th before THCon, first round of drinks is on us 🍻
📢 Prochain Bière&Sécu mercredi 9 avril 🗓️ (veille de
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉
April 7, 2025 at 8:49 AM
Don't forget @bieresecutls.bsky.social on Wednesday 9th before THCon, first round of drinks is on us 🍻
Reposted by voydstack
PagedOut! #6 magazine is out! This edition features two articles from our ninjas:
- Implicit Unicode behaviors in database string functions
- Calling Rust from Python: A story of bindings
Dive into their insights here: pagedout.institute
- Implicit Unicode behaviors in database string functions
- Calling Rust from Python: A story of bindings
Dive into their insights here: pagedout.institute
Paged Out!
Deeply technical zine. And it's free.
pagedout.institute
April 3, 2025 at 2:28 PM
PagedOut! #6 magazine is out! This edition features two articles from our ninjas:
- Implicit Unicode behaviors in database string functions
- Calling Rust from Python: A story of bindings
Dive into their insights here: pagedout.institute
- Implicit Unicode behaviors in database string functions
- Calling Rust from Python: A story of bindings
Dive into their insights here: pagedout.institute
Reposted by voydstack
Synacktiv is looking for an additional team leader in Paris for its Reverse-Engineering Team!
Find out if you are a good candidate by reading our offer (🇫🇷).
www.synacktiv.com/responsable-...
Find out if you are a good candidate by reading our offer (🇫🇷).
www.synacktiv.com/responsable-...
Responsable équipe reverse engineering
www.synacktiv.com
March 28, 2025 at 4:25 PM
Synacktiv is looking for an additional team leader in Paris for its Reverse-Engineering Team!
Find out if you are a good candidate by reading our offer (🇫🇷).
www.synacktiv.com/responsable-...
Find out if you are a good candidate by reading our offer (🇫🇷).
www.synacktiv.com/responsable-...
Reposted by voydstack
Interested in vulnerabilities in video games? 🎮
@tomtombinary.bsky.social presented critical flaws in Neverwinter Nights Enhanced Edition at #Hexacon, which could allow attackers to take control of players' computers. 🛡️
Check out the full details of these bugs!👇
www.synacktiv.com/en/publicati...
@tomtombinary.bsky.social presented critical flaws in Neverwinter Nights Enhanced Edition at #Hexacon, which could allow attackers to take control of players' computers. 🛡️
Check out the full details of these bugs!👇
www.synacktiv.com/en/publicati...
Exploiting Neverwinter Nights
Introduction Neverwinter Nights is an RPG based video game developed by BioWare and Obsidian Entertainment in 2002.
www.synacktiv.com
March 10, 2025 at 12:36 PM
Interested in vulnerabilities in video games? 🎮
@tomtombinary.bsky.social presented critical flaws in Neverwinter Nights Enhanced Edition at #Hexacon, which could allow attackers to take control of players' computers. 🛡️
Check out the full details of these bugs!👇
www.synacktiv.com/en/publicati...
@tomtombinary.bsky.social presented critical flaws in Neverwinter Nights Enhanced Edition at #Hexacon, which could allow attackers to take control of players' computers. 🛡️
Check out the full details of these bugs!👇
www.synacktiv.com/en/publicati...
Reposted by voydstack
📢 Prochain Bière&Sécu mercredi 9 avril 🗓️ (veille de
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉
March 3, 2025 at 1:04 PM
📢 Prochain Bière&Sécu mercredi 9 avril 🗓️ (veille de
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉
Thcon) ! RDV à partir de 19h au Rooster and Beer🐔🍺
@synacktiv.com offrira la première tournée de bières 🍻.
Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THCon 😉