vic

144 posts

vic

@v1csec

Security researcher @Synacktiv — CTF organizer @sth4ck

France Katılım Aralık 2012

602 Takip Edilen867 Takipçiler

vic@v1csec·15 Haz

Userland iOS aficionados, I released a simple IDA plugin that should improve your Objective-C experience. For now it removes ARC function calls in decompiled code (eg objc_retain) and helps listing candidate callers to a method. Check it out at github.com/synacktiv/objc…

Synacktiv@Synacktiv

The "Objective-C helper" IDA plugin presented during the @sth4ck talk "Demystifying Objective-C internals" given by @v1csec is now publicly available on GitHub at github.com/synacktiv/objc… The slides are also available on our website: synacktiv.com/sites/default/…

English

1.3K

vic retweetledi

Synacktiv@Synacktiv·8 Oca

Have you ever wondered what the attack surface of Counter Strike: Global Offensive looks like? Our ninjas @myr463 and @v1csec studied it and found a server to client bug! Read more details about this research in our latest blogpost. synacktiv.com/publications/e…

English

103

304

23.3K

vic retweetledi

Synacktiv@Synacktiv·5 Oca

Our ninja @masthoon solved a tough challenge during @PotluckCTF with an ingenious approach: he built a decompiler for a custom ISA by lifting instructions to Binary Ninja IL. Read the "Pot of Gold" write-up (kudos to @bl4sty for creating the challenge): synacktiv.com/publications/l…

English

176

14.5K

vic retweetledi

Synacktiv@Synacktiv·18 Ara

To facilitate reverse-engineering of large programs, vulnerability research and root-cause analysis on iOS, Android, and other major platforms, @myr463 and @Hexabeast released Frinet, a tool combining Frida with an enhanced version of Tenet. synacktiv.com/publications/f…

English

168

442

34K

vic retweetledi

Synacktiv@Synacktiv·1 Eyl

Sometimes simple is best. See how @SidewayRE exploited a 9-year-old Linux kernel bug at #Pwn2Own Vancouver 2023! synacktiv.com/publications/o…

English

187

15K

vic retweetledi

TheZDIBugs@TheZDIBugs·7 Tem

[ZDI-23-900|CVE-2023-35001] (Pwn2Own) Linux Kernel nftables Incorrect Pointer Scaling Local Privilege Escalation Vulnerability (CVSS 7.8; Credit: Tanguy DUBROCA (@SidewayRE) from Synacktiv (@Synacktiv)) zerodayinitiative.com/advisories/ZDI…

English

3.1K

vic retweetledi

Hexacon@hexacon_fr·12 May

🍏iOS is all the rage nowadays: that's where the good stuff is located for nation-state attackers and  is gulping down every world-class researcher it can hire … Bootstrap your iOS research at #HEXACON2023 thanks to @v1csec and Etienne Helluy-Lafont: hexacon.fr/trainer/cutill…!

English

15.6K

vic@v1csec·10 May

@hexacon_fr @Synacktiv More information is available here: hexacon.fr/trainer/cutill…

English

304

vic@v1csec·9 May

Do you want to get started in iOS security research? I am giving an iOS training at @hexacon_fr with another @Synacktiv ninja! See you there :)

GIF

Synacktiv@Synacktiv

#HEXACON2023 trainings have been announced! Come and register to our "iOS for Security Engineers" course 🍎

English

7.3K

vic@v1csec·3 Şub

@nolankrk @zozuar Speaking about uncomfortable stuff, this visual made me think of creepypasta "Username 666" :) youtube.com/watch?v=7iFXyL…

YouTube

English

353

yonatan@zozuar·2 Şub

#つぶやきGLSL twigl.app/?ol=true&ss=-N… vec2 n,q,p=(FC.xy-.5*r)/r.y; float d=dot(p,p),S=9.,i,a,j; for(mat2 m=rotate2D(5.);j++<30.;){ p*=m; n*=m; q=p*S+t*4.+sin(t*4.-d*6.)*.8+j+n; a+=dot(cos(q)/S,vec2(.2)); n-=sin(q); S*=1.2; } o+=(a+.2)*vec4(4,2,1,0)+a+a-d;

Français

130

965

8.5K

954.5K

vic retweetledi

Synacktiv@Synacktiv·18 Oca

Watchout! CVE-2023-22809 on Sudo was patched today to prevent a privilege escalation on sudoedit. Read the security advisory by @aevy__ and @v1csec: synacktiv.com/sites/default/…

English

153

300

49.9K

vic@v1csec·16 Eki

Definitely spent a very good time at @hexacon_fr! Amazing place, high quality talks and great people, what else could be said?

English

vic retweetledi

Quentin Texier 🦀@g0h4n_0·12 Eki

Today I share with you #RustHound🦀. A new AD collector written in #Rust for #BloodHound! It is cross-platform, cross-compiled and generates all json files needed. Other modules will be available as under development!🔥 Hope you will enjoy it! github.com/OPENCYBER-FR/R…

OPENCYBER@OPENCYBER_FR

@OPENCYBER_FR release #RustHound as open-source. A new AD collector written in #Rust for #BloodHound! It is cross-platform, cross-compiled and generates all JSON files needed. Other modules will be available as under development! opencyber.com/rusthound-data… github.com/OPENCYBER-FR/R…

English

203

vic@v1csec·16 Eki

J'ai eu l'occasion de donner mon premier talk "Attacking SUID binaries" à RumpÀRennes mardi soir ! Merci à @securinsa pour cette première édition organisée avec soins, je reviendrai avec plaisir :)

Français

vic retweetledi

Sécur'Insa@securinsa·16 Eki

.rar 0x1 c'est fini! Merci pour votre présence ! Nous remercions encore une fois @Synacktiv, qui nous a fait confiance, pour notre premier événement. Également les intervenants pour leur supers conférences. ⬇️👀📸@TheLaluka

Français

vic retweetledi

Synacktiv@Synacktiv·29 Eyl

[INTERNSHIPS 🇫🇷] We just published our offers for the 2022-2023 season! We're ready to be flooded by your resumes 😆 Apply now! #pentest #reverse #dev #infra #dfir synacktiv.com/nous-rejoindre…

English

vic@v1csec·4 Eki

Content de participer en tant que speaker à cette première édition de @securinsa ! Il est temps de partager l'expérience acquise à @Synacktiv :)

Sécur'Insa@securinsa

[J-13] À 20h25, on passera à “Attacking SUID binaries” qui sera présentée par @v1csec à 20h25.

Français

vic retweetledi

Sécur'Insa@securinsa·14 Eyl

SAVE THE DATE - Mardi 11 octobre 20h00 - 01h Pour prendre vos places, c'est ici à 18h: helloasso.com/associations/s…

Sécur'Insa@securinsa

SAVE THE DATE - Mardi 11 octobre 20h30 - 01h C'est avec plaisir que nous annonçons le premier event de Sécur'Insa: Rumps à Rennes. Au foyer de l'INSA Rennes le 11 octobre prochain 😎 Vous avez une idée de talk ? Alors stay tuned pour l'ouverture du CFP !

Français

vic retweetledi

Hexacon@hexacon_fr·18 Mar

Croissants, red wine and high-quality offensive security talks in a wonderful place? That's all the Hexacon team is promising for October 2022. Details and Call For Papers are coming very soon... Until then, a bit more teasing for you folks: hexacon.fr #HEXACON2022

English

118

vic retweetledi

Benjamin Chetioui - @bchetioui@bsky.social

Benjamin Chetioui - @[email protected]@_SIben_·3 Oca

PhD candidate in Programming Languages nearing thesis submission looking for (ideally remote) positions from Oslo, Norway. Some topics I'm interested in are compilers, verification, security, and cryptography. DM for resume! RTs appreciated😊

English

Keşfet

@myr463 @masthoon @PotluckCTF @bl4sty @Hexabeast @SidewayRE @Synacktiv @hexacon_fr