@cryptax.bsky.social
Android malware analysis. Ph0wn CTF founder. IoT hacking. Frequent speaker at Virus Bulletin, Insomnihack etc. Based in France.
Currently testing Bluesky. Otherwise on Mastodon.social.
Currently testing Bluesky. Otherwise on Mastodon.social.
📅 March 13-14, 2026 - Sophia Antipolis, France
🤠 Prepare your best outfit for Ph0wn CTF's side event: the "Creative Contest". Come dressed up as a pirate, and get a chance to win a Hydrabus 😃
👉️ Details: ph0wn.org/contest/
#CTF #ph0wn2026 #pirate #flagship #hydrabus #hacker
Re-posts appreciated
🤠 Prepare your best outfit for Ph0wn CTF's side event: the "Creative Contest". Come dressed up as a pirate, and get a chance to win a Hydrabus 😃
👉️ Details: ph0wn.org/contest/
#CTF #ph0wn2026 #pirate #flagship #hydrabus #hacker
Re-posts appreciated
January 26, 2026 at 1:59 PM
📅 March 13-14, 2026 - Sophia Antipolis, France
🤠 Prepare your best outfit for Ph0wn CTF's side event: the "Creative Contest". Come dressed up as a pirate, and get a chance to win a Hydrabus 😃
👉️ Details: ph0wn.org/contest/
#CTF #ph0wn2026 #pirate #flagship #hydrabus #hacker
Re-posts appreciated
🤠 Prepare your best outfit for Ph0wn CTF's side event: the "Creative Contest". Come dressed up as a pirate, and get a chance to win a Hydrabus 😃
👉️ Details: ph0wn.org/contest/
#CTF #ph0wn2026 #pirate #flagship #hydrabus #hacker
Re-posts appreciated
Reposted
All hands on keyboard, pen to paper - Elbsides 2026 Call for Paper is open!!!
Make good on your New Year resolution to contribute to the infosec community and present on June 5th in Hamburg.
www.elbsides.eu/2026/cfp/
#elbsides2026 #CFPisopen #startwriting #infosec
Make good on your New Year resolution to contribute to the infosec community and present on June 5th in Hamburg.
www.elbsides.eu/2026/cfp/
#elbsides2026 #CFPisopen #startwriting #infosec
January 14, 2026 at 1:34 PM
All hands on keyboard, pen to paper - Elbsides 2026 Call for Paper is open!!!
Make good on your New Year resolution to contribute to the infosec community and present on June 5th in Hamburg.
www.elbsides.eu/2026/cfp/
#elbsides2026 #CFPisopen #startwriting #infosec
Make good on your New Year resolution to contribute to the infosec community and present on June 5th in Hamburg.
www.elbsides.eu/2026/cfp/
#elbsides2026 #CFPisopen #startwriting #infosec
FrangiPh0wn, the Ultimate Galette for Hackers and ph0wn CTF teaser, is up until Feb 9. Head to ctf.ph0wn.org, and find the trinkets!
Are you up to it? Only 15 participants flagged something up to now. Go for it!
#CTF #teaser #RF #OSINT #ph0wn #frangiph0wn
Are you up to it? Only 15 participants flagged something up to now. Go for it!
#CTF #teaser #RF #OSINT #ph0wn #frangiph0wn
January 10, 2026 at 12:38 PM
FrangiPh0wn, the Ultimate Galette for Hackers and ph0wn CTF teaser, is up until Feb 9. Head to ctf.ph0wn.org, and find the trinkets!
Are you up to it? Only 15 participants flagged something up to now. Go for it!
#CTF #teaser #RF #OSINT #ph0wn #frangiph0wn
Are you up to it? Only 15 participants flagged something up to now. Go for it!
#CTF #teaser #RF #OSINT #ph0wn #frangiph0wn
Ph0wn #CTF Teaser Announced for January!
We hope you get the right tools and skills for Xmas :D
Get ready! We will announce #FrangiPh0wn in January.
Keep an eye on ph0wn.org
We hope you get the right tools and skills for Xmas :D
Get ready! We will announce #FrangiPh0wn in January.
Keep an eye on ph0wn.org
December 16, 2025 at 3:55 PM
Ph0wn #CTF Teaser Announced for January!
We hope you get the right tools and skills for Xmas :D
Get ready! We will announce #FrangiPh0wn in January.
Keep an eye on ph0wn.org
We hope you get the right tools and skills for Xmas :D
Get ready! We will announce #FrangiPh0wn in January.
Keep an eye on ph0wn.org
Best talks, papers, CTF challenges, tools I encountered in the second half of 2025:
cryptax.github.io/nomination-2...
Congratulations to those who are listed, and kudos to others :)
cc: @trufae.bsky.social @uybhys.bsky.social @nst021.bsky.social @synacktiv.com
cryptax.github.io/nomination-2...
Congratulations to those who are listed, and kudos to others :)
cc: @trufae.bsky.social @uybhys.bsky.social @nst021.bsky.social @synacktiv.com
Cryptax Nomination Awards 2025 H2
Cryptax Nomination Awards. Lol. In other words, I’m listing my favorite talks, papers, challenges (etc) for the second half of 2025. Nothing more than that. Okay?
H2 2025 Category Nominated Best secur...
cryptax.github.io
December 16, 2025 at 11:04 AM
Best talks, papers, CTF challenges, tools I encountered in the second half of 2025:
cryptax.github.io/nomination-2...
Congratulations to those who are listed, and kudos to others :)
cc: @trufae.bsky.social @uybhys.bsky.social @nst021.bsky.social @synacktiv.com
cryptax.github.io/nomination-2...
Congratulations to those who are listed, and kudos to others :)
cc: @trufae.bsky.social @uybhys.bsky.social @nst021.bsky.social @synacktiv.com
Variants of 2025 of Symbiote and BPFDoor support IPv6, UDP communication with C2.
Reverse engineering the samples with r2ai and r2mcp.
www.fortinet.com/blog/threat-...
#malware #Linux #BPF #r2ai #r2mcp
Reverse engineering the samples with r2ai and r2mcp.
www.fortinet.com/blog/threat-...
#malware #Linux #BPF #r2ai #r2mcp
New eBPF Filters for Symbiote and BPFdoor Malware | FortiGuard Lab
FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication.…
www.fortinet.com
December 8, 2025 at 8:40 AM
Ca va parler de Radare2, de Ghidra, de MCP et d'assembleur en tout genre. L'objectif est d'utiliser l'IA pour faciliter la rétro-ingénierie. L'IA ne fait pas tout (par exemple, elle ne fait pas les crêpes que je compte déguster sur place), mais elle aide ... si on sait l'utiliser.
Venez !
Venez !
#UYBHYS [Vendredi 7/11 10h] WORKSHOP de Axelle Apvrille (Fortinet) :
Reverse engineering with r2ai
unlockyourbrain.bzh/ateliers/
#UYBHYS25
Reverse engineering with r2ai
unlockyourbrain.bzh/ateliers/
#UYBHYS25
November 4, 2025 at 10:44 AM
Ca va parler de Radare2, de Ghidra, de MCP et d'assembleur en tout genre. L'objectif est d'utiliser l'IA pour faciliter la rétro-ingénierie. L'IA ne fait pas tout (par exemple, elle ne fait pas les crêpes que je compte déguster sur place), mais elle aide ... si on sait l'utiliser.
Venez !
Venez !
Reposted
#UYBHYS
A l'occasion de #UYBHYS25, de 10h à 17h les vendredi 7 et samedi 8 novembre, @ratzillas.bsky.social animera, sur le parvis du #Quartz à #Brest, un atelier de démonstration de "Car Hacking", accessible à toutes et tous sans inscription. 🙂
A l'occasion de #UYBHYS25, de 10h à 17h les vendredi 7 et samedi 8 novembre, @ratzillas.bsky.social animera, sur le parvis du #Quartz à #Brest, un atelier de démonstration de "Car Hacking", accessible à toutes et tous sans inscription. 🙂
November 3, 2025 at 11:43 AM
#UYBHYS
A l'occasion de #UYBHYS25, de 10h à 17h les vendredi 7 et samedi 8 novembre, @ratzillas.bsky.social animera, sur le parvis du #Quartz à #Brest, un atelier de démonstration de "Car Hacking", accessible à toutes et tous sans inscription. 🙂
A l'occasion de #UYBHYS25, de 10h à 17h les vendredi 7 et samedi 8 novembre, @ratzillas.bsky.social animera, sur le parvis du #Quartz à #Brest, un atelier de démonstration de "Car Hacking", accessible à toutes et tous sans inscription. 🙂
Reposted
#UYBHYS #UYBHYS25 #Brest
Il reste encore des places pour quelques ateliers de vendredi et pour la journée de conférences de samedi.
Billetterie : pretix.eu/cantine/UYBH...
Il reste encore des places pour quelques ateliers de vendredi et pour la journée de conférences de samedi.
Billetterie : pretix.eu/cantine/UYBH...
Unlock Your Brain, Harden Your System #UYBHYS !
7 Novembre 2025 – 8 Novembre 2025
pretix.eu
November 3, 2025 at 12:42 PM
#UYBHYS #UYBHYS25 #Brest
Il reste encore des places pour quelques ateliers de vendredi et pour la journée de conférences de samedi.
Billetterie : pretix.eu/cantine/UYBH...
Il reste encore des places pour quelques ateliers de vendredi et pour la journée de conférences de samedi.
Billetterie : pretix.eu/cantine/UYBH...
On Thursday afternoon, I am thrilled to give my first r2ai & ghidraMCP workshop at BruCON.
Pre-requisites: you are good to go if you already have reversed a binary (with whatever #disassembler, it doesn't matter) OR if you have basic skills and understanding in #assembly.
#mcp #LLM #AI
Pre-requisites: you are good to go if you already have reversed a binary (with whatever #disassembler, it doesn't matter) OR if you have basic skills and understanding in #assembly.
#mcp #LLM #AI
September 22, 2025 at 2:41 PM
On Thursday afternoon, I am thrilled to give my first r2ai & ghidraMCP workshop at BruCON.
Pre-requisites: you are good to go if you already have reversed a binary (with whatever #disassembler, it doesn't matter) OR if you have basic skills and understanding in #assembly.
#mcp #LLM #AI
Pre-requisites: you are good to go if you already have reversed a binary (with whatever #disassembler, it doesn't matter) OR if you have basic skills and understanding in #assembly.
#mcp #LLM #AI
Slides of my prez at Barb'hack: www.fortiguard.com/events/6189/...
Understand what a recent sample of Linux/Trigona #ransomware does.
Learn how to spot #AI errors (hallucinations, omissions etc), learn how to tweak context length, output token limits to get the best out of your model.
#barbhack25
Understand what a recent sample of Linux/Trigona #ransomware does.
Learn how to spot #AI errors (hallucinations, omissions etc), learn how to tweak context length, output token limits to get the best out of your model.
#barbhack25
Publications | FortiGuard Labs
<p>This talk presents 2 different Linux malware:</p><ul><li><p>a shellcode, named Linux/Shellcode_ConnectBack.H!tr. The binary is small and compact, but traditional disassemblers like Ghidra fail to p...
www.fortiguard.com
September 1, 2025 at 8:13 AM
Slides of my prez at Barb'hack: www.fortiguard.com/events/6189/...
Understand what a recent sample of Linux/Trigona #ransomware does.
Learn how to spot #AI errors (hallucinations, omissions etc), learn how to tweak context length, output token limits to get the best out of your model.
#barbhack25
Understand what a recent sample of Linux/Trigona #ransomware does.
Learn how to spot #AI errors (hallucinations, omissions etc), learn how to tweak context length, output token limits to get the best out of your model.
#barbhack25
I had (several) interesting questions yesterday on r2ai.
One of them was that, obviously the tool needed to be used by an experienced reverse engineer.
I'd like to comment a bit further.
I feel normal that such a tool cannot be used by total beginners. All jobs require some adequate training. 1/n
One of them was that, obviously the tool needed to be used by an experienced reverse engineer.
I'd like to comment a bit further.
I feel normal that such a tool cannot be used by total beginners. All jobs require some adequate training. 1/n
August 31, 2025 at 8:38 AM
I had (several) interesting questions yesterday on r2ai.
One of them was that, obviously the tool needed to be used by an experienced reverse engineer.
I'd like to comment a bit further.
I feel normal that such a tool cannot be used by total beginners. All jobs require some adequate training. 1/n
One of them was that, obviously the tool needed to be used by an experienced reverse engineer.
I'd like to comment a bit further.
I feel normal that such a tool cannot be used by total beginners. All jobs require some adequate training. 1/n
Barb'hack is over and it was a pleasure to attend: very nice folks, friendly organizers, excellent food, best rumps lol and a CTF with a videogame interface+ challenges on Minitel. I loved it! Kudos to the staff.
#barbhack25
#barbhack25
August 31, 2025 at 5:52 AM
Barb'hack is over and it was a pleasure to attend: very nice folks, friendly organizers, excellent food, best rumps lol and a CTF with a videogame interface+ challenges on Minitel. I loved it! Kudos to the staff.
#barbhack25
#barbhack25
I've very happy to speak at Barb'hack on Saturday.
barbhack.fr/2025/fr/conf...
There will be 2 demos.
One live.
One recorded - simply because I don't have the guts to do it live ;P
We reverse engineer Linux/Trigona and Linux/Shellcode with radare2 + AI + HI
HI standards for Human Intelligence ;P
barbhack.fr/2025/fr/conf...
There will be 2 demos.
One live.
One recorded - simply because I don't have the guts to do it live ;P
We reverse engineer Linux/Trigona and Linux/Shellcode with radare2 + AI + HI
HI standards for Human Intelligence ;P
August 25, 2025 at 10:57 AM
I've very happy to speak at Barb'hack on Saturday.
barbhack.fr/2025/fr/conf...
There will be 2 demos.
One live.
One recorded - simply because I don't have the guts to do it live ;P
We reverse engineer Linux/Trigona and Linux/Shellcode with radare2 + AI + HI
HI standards for Human Intelligence ;P
barbhack.fr/2025/fr/conf...
There will be 2 demos.
One live.
One recorded - simply because I don't have the guts to do it live ;P
We reverse engineer Linux/Trigona and Linux/Shellcode with radare2 + AI + HI
HI standards for Human Intelligence ;P
Overlays are often used in Android malware.
They are actually a burden to other domains such as browser extensions. This research, by Marek Toth, shows how click jacking [on hidden overlays] can trick the end-user in sharing his/her entire password manager.
marektoth.com/blog/dom-bas...
They are actually a burden to other domains such as browser extensions. This research, by Marek Toth, shows how click jacking [on hidden overlays] can trick the end-user in sharing his/her entire password manager.
marektoth.com/blog/dom-bas...
DOM-based Extension Clickjacking: Your Password Manager Data at Risk
I described a new attack technique that I used against 11 password managers. The result was that stored data of tens of millions of users could be at risk.
marektoth.com
August 21, 2025 at 8:43 AM
Overlays are often used in Android malware.
They are actually a burden to other domains such as browser extensions. This research, by Marek Toth, shows how click jacking [on hidden overlays] can trick the end-user in sharing his/her entire password manager.
marektoth.com/blog/dom-bas...
They are actually a burden to other domains such as browser extensions. This research, by Marek Toth, shows how click jacking [on hidden overlays] can trick the end-user in sharing his/her entire password manager.
marektoth.com/blog/dom-bas...
Reposted
Last chance to share your research at VB2025.
Whether you have fresh research, practical insights, or real-world case studies to share, now is your moment to step into the spotlight!
📅 24 Aug 2025 — only 5 days left
📍 Berlin. 24–26 Sept 2025
👉 tinyurl.com/3mccm8br
Whether you have fresh research, practical insights, or real-world case studies to share, now is your moment to step into the spotlight!
📅 24 Aug 2025 — only 5 days left
📍 Berlin. 24–26 Sept 2025
👉 tinyurl.com/3mccm8br
August 19, 2025 at 3:14 PM
Last chance to share your research at VB2025.
Whether you have fresh research, practical insights, or real-world case studies to share, now is your moment to step into the spotlight!
📅 24 Aug 2025 — only 5 days left
📍 Berlin. 24–26 Sept 2025
👉 tinyurl.com/3mccm8br
Whether you have fresh research, practical insights, or real-world case studies to share, now is your moment to step into the spotlight!
📅 24 Aug 2025 — only 5 days left
📍 Berlin. 24–26 Sept 2025
👉 tinyurl.com/3mccm8br
I love this kind of analysis 😍 Well done!
Exploiting the Thermomix.
Hey @synacktiv.com can you cook me a chocolate cake? ;-)
www.synacktiv.com/en/publicati...
Exploiting the Thermomix.
Hey @synacktiv.com can you cook me a chocolate cake? ;-)
www.synacktiv.com/en/publicati...
Let Me Cook You a Vulnerability: Exploiting the Thermomix TM5
Related Work The Thermomix TM5 has previously drawn the attention of the security community, notably through research presented by Jean-Michel Besnard at SSTIC 2019 [1], which described a code execut
www.synacktiv.com
July 16, 2025 at 10:10 AM
I love this kind of analysis 😍 Well done!
Exploiting the Thermomix.
Hey @synacktiv.com can you cook me a chocolate cake? ;-)
www.synacktiv.com/en/publicati...
Exploiting the Thermomix.
Hey @synacktiv.com can you cook me a chocolate cake? ;-)
www.synacktiv.com/en/publicati...
My blog post on how AI is reshaping malware and malware analysis is out: www.fortinet.com/blog/threat-...
Examples on Linux/Trigona, Linux/Prometei, Linux/Ladvix and Android/SpyLoan.
Enjoy.
#malware #r2ai #r2 #claude #delphi #trigona #rust #flutter
Examples on Linux/Trigona, Linux/Prometei, Linux/Ladvix and Android/SpyLoan.
Enjoy.
#malware #r2ai #r2 #claude #delphi #trigona #rust #flutter
Catching Smarter Mice with Even Smarter Cats | FortiGuard Labs
Explore how AI is changing the cat-and-mouse dynamic of cybersecurity, from cracking obfuscation and legacy languages to challenging new malware built with Flutter, Rust, and Delphi.…
www.fortinet.com
July 10, 2025 at 2:39 PM
W32/SkyAI uses AI? So do I.
cryptax.medium.com/w32-skyai-us...
- Where the malware loads the AI prompt, what for, why it fails.
- How to find the encryption key with AI
- Extract & decrypt the embedded PE
- How the malware checks if it's on a VM
- R2ai tips when curl argument is too long
cryptax.medium.com/w32-skyai-us...
- Where the malware loads the AI prompt, what for, why it fails.
- How to find the encryption key with AI
- Extract & decrypt the embedded PE
- How the malware checks if it's on a VM
- R2ai tips when curl argument is too long
W32/SkyAI uses AI? So do I.
A new sample, named W32/SkyAI (or Topozuy, or Skynet), has recently emerged, showing use of a AI prompt bypass attempt. Perfect occasion to…
cryptax.medium.com
July 4, 2025 at 12:43 PM
W32/SkyAI uses AI? So do I.
cryptax.medium.com/w32-skyai-us...
- Where the malware loads the AI prompt, what for, why it fails.
- How to find the encryption key with AI
- Extract & decrypt the embedded PE
- How the malware checks if it's on a VM
- R2ai tips when curl argument is too long
cryptax.medium.com/w32-skyai-us...
- Where the malware loads the AI prompt, what for, why it fails.
- How to find the encryption key with AI
- Extract & decrypt the embedded PE
- How the malware checks if it's on a VM
- R2ai tips when curl argument is too long
Reposted
June 30, 2025 at 4:27 PM
Vous connaissez les vidéos de @tixlegeek.bsky.social ? Avec cet adorable Tux animé ? Ben, ça me faisait trop envie. Alors j'ai fait pareil avec Pico le Croco ! J'ai repris les explications de
@tixlegeek.bsky.social dans le Twitch @laluka.bsky.social EP 193, et j'ai codé pour Pico :)
@tixlegeek.bsky.social dans le Twitch @laluka.bsky.social EP 193, et j'ai codé pour Pico :)
June 30, 2025 at 4:48 PM
Vous connaissez les vidéos de @tixlegeek.bsky.social ? Avec cet adorable Tux animé ? Ben, ça me faisait trop envie. Alors j'ai fait pareil avec Pico le Croco ! J'ai repris les explications de
@tixlegeek.bsky.social dans le Twitch @laluka.bsky.social EP 193, et j'ai codé pour Pico :)
@tixlegeek.bsky.social dans le Twitch @laluka.bsky.social EP 193, et j'ai codé pour Pico :)
Nicolas Rouvière, of Ph0wn and SHL, will show you how to use Qiling in practice, for dynamic binary emulation. Don't miss it: on-site at SHL (Vallauris), June 19 at 7pm.
In 2024, Nicolas used Qiling to solve the Ph0wn CTF teaser. See how here: github.com/ph0wn/writeu...
#qiling #CTF #binary
In 2024, Nicolas used Qiling to solve the Ph0wn CTF teaser. See how here: github.com/ph0wn/writeu...
#qiling #CTF #binary
June 17, 2025 at 8:14 AM
Nicolas Rouvière, of Ph0wn and SHL, will show you how to use Qiling in practice, for dynamic binary emulation. Don't miss it: on-site at SHL (Vallauris), June 19 at 7pm.
In 2024, Nicolas used Qiling to solve the Ph0wn CTF teaser. See how here: github.com/ph0wn/writeu...
#qiling #CTF #binary
In 2024, Nicolas used Qiling to solve the Ph0wn CTF teaser. See how here: github.com/ph0wn/writeu...
#qiling #CTF #binary
Hey, I'd like to share the best talks/papers/videos/tools/CTF challenges I encountered in 2025 H1.
This is the official "Cryptax Award 2025 H1" (lol). Congrats!
cryptax.github.io/nomination-2...
cc: @elbsides.bsky.social @northsec.io @radareorg.bsky.social @bsideskrs.bsky.social
This is the official "Cryptax Award 2025 H1" (lol). Congrats!
cryptax.github.io/nomination-2...
cc: @elbsides.bsky.social @northsec.io @radareorg.bsky.social @bsideskrs.bsky.social
Cryptax Nomination Awards 2025 H1
Cryptax Nomination Awards. Lol. In other words, I’m listing my favorite talks, papers, challenges (etc) for the first half of 2025. Nothing more than that. Okay?
H1 2025 Category Nominated Best cyberc...
cryptax.github.io
June 14, 2025 at 8:32 AM
Hey, I'd like to share the best talks/papers/videos/tools/CTF challenges I encountered in 2025 H1.
This is the official "Cryptax Award 2025 H1" (lol). Congrats!
cryptax.github.io/nomination-2...
cc: @elbsides.bsky.social @northsec.io @radareorg.bsky.social @bsideskrs.bsky.social
This is the official "Cryptax Award 2025 H1" (lol). Congrats!
cryptax.github.io/nomination-2...
cc: @elbsides.bsky.social @northsec.io @radareorg.bsky.social @bsideskrs.bsky.social