Karion
@karion23.bsky.social
Reposted by Karion
📣 Prochain Bière&Sécu Toulouse le mardi 2 décembre !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: beta.framadate.org/polls/606039...
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: beta.framadate.org/polls/606039...
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
Bière&Sécu Toulouse – Framadate BETA
beta.framadate.org
November 20, 2025 at 9:37 AM
📣 Prochain Bière&Sécu Toulouse le mardi 2 décembre !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: beta.framadate.org/polls/606039...
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: beta.framadate.org/polls/606039...
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
Reposted by Karion
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
October 22, 2025 at 3:36 PM
Impressive work from our team today at #Pwn2Own!
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
@mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device!
Great demonstration of Synacktiv’s offensive expertise 👏
Come on 🔥
Reposted by Karion
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
October 21, 2025 at 3:32 PM
Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Reposted by Karion
That's a wrap for Hexacon 2025!
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
October 13, 2025 at 2:38 PM
That's a wrap for Hexacon 2025!
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
We hope that you've enjoyed the event at least as much as we did 🤩
Please take a moment to fill out our satisfaction survey and help us make Hexacon 2026 even better 🔥
Thank you for trusting us year after year 🙏
Reposted by Karion
Last sponsor to announce: Synacktiv! 🥷
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
October 3, 2025 at 8:16 AM
Last sponsor to announce: Synacktiv! 🥷
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
@synacktiv.com strives to help firms evaluate and improve their IT security, everybody there is working to make it the 🇫🇷 standard in offensive security.
There will a be a lot of ninjas lurking around, feel free to reach them out!
Reposted by Karion
🚨 Time to reveal our first-class lineup for HEXACON 2025! ✨
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
Hexacon - Conference – Speakers
Discover the accepted talks for this edition!
www.hexacon.fr
September 12, 2025 at 9:12 AM
🚨 Time to reveal our first-class lineup for HEXACON 2025! ✨
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
A few training spots are still available if you want to join the party! 🎉
Unfortunately, trainings + conference packs are sold out
www.hexacon.fr/conference/s...
Reposted by Karion
All responses to the Call for Papers have been sent! Check your inbox 📩
For those who missed the CFP, we will also have a lightning talks session:
⏳ 5-10 minutes presentations
🎁 Fun topics accepted
📵 Not recorded
Time to get your slides ready!
For those who missed the CFP, we will also have a lightning talks session:
⏳ 5-10 minutes presentations
🎁 Fun topics accepted
📵 Not recorded
Time to get your slides ready!
September 5, 2025 at 8:36 AM
All responses to the Call for Papers have been sent! Check your inbox 📩
For those who missed the CFP, we will also have a lightning talks session:
⏳ 5-10 minutes presentations
🎁 Fun topics accepted
📵 Not recorded
Time to get your slides ready!
For those who missed the CFP, we will also have a lightning talks session:
⏳ 5-10 minutes presentations
🎁 Fun topics accepted
📵 Not recorded
Time to get your slides ready!
Reposted by Karion
🔒 Can you really trust your zero trust? We (re)discovered a vulnerability in Zscaler Client Connector that allowed bypassing device posture checks, and it was still exploitable in the wild. Full technical deep dive + remediation tips 👉 www.synacktiv.com/en/publicati...
Should you trust your zero trust? Bypassing Zscaler posture checks
Introduction Posture checks are a key component of zero trust architectures.
www.synacktiv.com
August 8, 2025 at 12:56 PM
🔒 Can you really trust your zero trust? We (re)discovered a vulnerability in Zscaler Client Connector that allowed bypassing device posture checks, and it was still exploitable in the wild. Full technical deep dive + remediation tips 👉 www.synacktiv.com/en/publicati...
Reposted by Karion
@blackhoodie.bsky.social will be back at
@hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/
@hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/
BlackHoodie at Hexacon 2025
We’re thrilled to announce that Blackhoodie is coming to Paris forHexacon this fall!
blackhoodie.re
July 31, 2025 at 9:12 PM
@blackhoodie.bsky.social will be back at
@hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/
@hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/
Reposted by Karion
While performing security research on IoT control applications, @areizen.bsky.social and cyp discovered critical vulnerabilities in the mobile app for the Eachine E58 drone. These flaws could potentially lead to remote code execution on the user's smartphone.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
From cheap IoT toy to your smartphone: Getting RCE by leveraging a companion app
As IoT adoption continues to grow, we explored the idea that instead of directly compromising IoT devices, an attacker could target the applications controlling them. This approach could potentially a
www.synacktiv.com
July 8, 2025 at 3:28 PM
While performing security research on IoT control applications, @areizen.bsky.social and cyp discovered critical vulnerabilities in the mobile app for the Eachine E58 drone. These flaws could potentially lead to remote code execution on the user's smartphone.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by Karion
🚨 Still a few days to register for our Azure Intrusion for Red Teamers training at #BHUSA! Very hands-on, full kill chain from zero to Global Admin with stealth in mind. Secure your seat now! www.blackhat.com/us-25/traini...
July 2, 2025 at 9:27 AM
🚨 Still a few days to register for our Azure Intrusion for Red Teamers training at #BHUSA! Very hands-on, full kill chain from zero to Global Admin with stealth in mind. Secure your seat now! www.blackhat.com/us-25/traini...
Reposted by Karion
There are still seats available for our "iOS for Security Engineers" training at #HEXACON2025! Book it while it's hot 😉
Conference tickets are also still available if you register for a training.
Conference tickets are also still available if you register for a training.
iOS for Security Engineers
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
by Quentin Meffre (@0xdagger.bsky.social) & Etienne Helluy-Lafont
www.hexacon.fr/trainer/meff...
June 27, 2025 at 12:48 PM
There are still seats available for our "iOS for Security Engineers" training at #HEXACON2025! Book it while it's hot 😉
Conference tickets are also still available if you register for a training.
Conference tickets are also still available if you register for a training.
Reposted by Karion
🚗🔌 We reverse engineered the Tesla Wall Connector and uncovered a previously undocumented attack surface via the charging cable. From protocol analysis to code execution, a Pwn2Own Automotive 2025 exploit write-up.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Exploiting the Tesla Wall connector from its charge port connector
An interesting attack surface Over the past few years, Synacktiv has been analyzing Tesla vehicles for the Pwn2Own competition.
www.synacktiv.com
June 17, 2025 at 2:27 PM
🚗🔌 We reverse engineered the Tesla Wall Connector and uncovered a previously undocumented attack surface via the charging cable. From protocol analysis to code execution, a Pwn2Own Automotive 2025 exploit write-up.
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Reposted by Karion
The "Objective-C helper" IDA plugin presented during the Sthack talk "Demystifying Objective-C internals" given by Victor Cutillas is now publicly available on GitHub at github.com/synacktiv/ob...
The slides are also available on our website: www.synacktiv.com/sites/defaul...
The slides are also available on our website: www.synacktiv.com/sites/defaul...
GitHub - synacktiv/objc-helper: IDA helper plugin to reverse engineer Objective-C code
IDA helper plugin to reverse engineer Objective-C code - synacktiv/objc-helper
github.com
June 12, 2025 at 3:09 PM
The "Objective-C helper" IDA plugin presented during the Sthack talk "Demystifying Objective-C internals" given by Victor Cutillas is now publicly available on GitHub at github.com/synacktiv/ob...
The slides are also available on our website: www.synacktiv.com/sites/defaul...
The slides are also available on our website: www.synacktiv.com/sites/defaul...
Reposted by Karion
We’re receiving a lot of requests to buy tickets, but the conference is sold out! Only tickets bundled with training are still available. You can also join the waiting list or submit a talk to our CFP (cfp.hexacon.fr/hexacon-2025/) 😉
Thank you all for your amazing support! 🙏
Thank you all for your amazing support! 🙏
Hexacon25
Schedule, talks and talk submissions for Hexacon25
cfp.hexacon.fr
June 12, 2025 at 8:34 AM
We’re receiving a lot of requests to buy tickets, but the conference is sold out! Only tickets bundled with training are still available. You can also join the waiting list or submit a talk to our CFP (cfp.hexacon.fr/hexacon-2025/) 😉
Thank you all for your amazing support! 🙏
Thank you all for your amazing support! 🙏
Reposted by Karion
Interested in vulnerabilities in old video games? 🎮
Check out our latest article written by @tomtombinary.bsky.social on Heroes of Might and Magic V 👇
www.synacktiv.com/en/publicati...
Check out our latest article written by @tomtombinary.bsky.social on Heroes of Might and Magic V 👇
www.synacktiv.com/en/publicati...
Exploiting Heroes of Might and Magic V
Introduction Heroes of Might and Magic V is a strategy video game developed by Nival Interactive.
www.synacktiv.com
June 10, 2025 at 10:00 AM
Interested in vulnerabilities in old video games? 🎮
Check out our latest article written by @tomtombinary.bsky.social on Heroes of Might and Magic V 👇
www.synacktiv.com/en/publicati...
Check out our latest article written by @tomtombinary.bsky.social on Heroes of Might and Magic V 👇
www.synacktiv.com/en/publicati...
Reposted by Karion
🔔 It is time to buy your HEXACON ticket!
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
June 2, 2025 at 1:59 PM
🔔 It is time to buy your HEXACON ticket!
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.
www.hexacon.fr/register/
Reposted by Karion
📢 Our Call For Papers is open until 14 July!
➡️ Details & benefits: www.hexacon.fr/conference/c...
Also, conference tickets will be on sale today at 4PM (UTC+2)
➡️ Details & benefits: www.hexacon.fr/conference/c...
Also, conference tickets will be on sale today at 4PM (UTC+2)
June 2, 2025 at 10:04 AM
📢 Our Call For Papers is open until 14 July!
➡️ Details & benefits: www.hexacon.fr/conference/c...
Also, conference tickets will be on sale today at 4PM (UTC+2)
➡️ Details & benefits: www.hexacon.fr/conference/c...
Also, conference tickets will be on sale today at 4PM (UTC+2)
Reposted by Karion
Our second talk of the day was Hooking Windows Named Pipes by Thomas
May 23, 2025 at 11:08 AM
Our second talk of the day was Hooking Windows Named Pipes by Thomas
Reposted by Karion
📣 Prochain Bière&Sécu Toulouse le mardi 10 juin !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
https://framadate.org/M8dPvbvdQNgL1i…
May 19, 2025 at 8:49 AM
📣 Prochain Bière&Sécu Toulouse le mardi 10 juin !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
🗓️ RDV au Rooster and Beer à partir de 18h30
👉 Framadate: framadate.org/M8dPvbvdQNgL1i…
🗣️ Contactez-nous si vous avez des sujets à présenter via Twitter, Bluesky ou Discord !
Reposted by Karion
We're sponsoring @offensivecon.bsky.social again this year. Meet our team at our booth in Berlin on May 16-17th, we’ll be around to chat! 🥷
May 14, 2025 at 8:39 AM
We're sponsoring @offensivecon.bsky.social again this year. Meet our team at our booth in Berlin on May 16-17th, we’ll be around to chat! 🥷
Reposted by Karion
🛎 Training ticket sales for HEXACON 2025 open TODAY at 2PM UTC+2!
Limited spots available 🔥
www.hexacon.fr/register/
Limited spots available 🔥
www.hexacon.fr/register/
Hexacon - Register
Offensive security conference organized by seasoned professionals, in the heart of Paris. 10-11th October 2025, save the date!
www.hexacon.fr
May 5, 2025 at 11:38 AM
🛎 Training ticket sales for HEXACON 2025 open TODAY at 2PM UTC+2!
Limited spots available 🔥
www.hexacon.fr/register/
Limited spots available 🔥
www.hexacon.fr/register/
Reposted by Karion
April 23, 2025 at 1:37 PM