Security researcher @Synacktiv — CTF organizer @sth4ck
Joined December 2012
- Tweets 144
- Following 600
- Followers 867
- Likes 474
8 Photos and videos
Userland iOS aficionados, I released a simple IDA plugin that should improve your Objective-C experience.
For now it removes ARC function calls in decompiled code (eg objc_retain) and helps listing candidate callers to a method. Check it out at github.com/synacktiv/objc-he…
12 Jun 2025
The "Objective-C helper" IDA plugin presented during the @sth4ck talk "Demystifying Objective-C internals" given by @v1csec is now publicly available on GitHub at github.com/synacktiv/objc-he…
The slides are also available on our website: synacktiv.com/sites/default/…
3
25
1,386
vic retweeted
8 Jan 2024
Have you ever wondered what the attack surface of Counter Strike: Global Offensive looks like? Our ninjas @myr463 and @v1csec studied it and found a server to client bug! Read more details about this research in our latest blogpost.
synacktiv.com/publications/e…
2
103
303
23,353
vic retweeted
5 Jan 2024
Our ninja @masthoon solved a tough challenge during @PotluckCTF with an ingenious approach: he built a decompiler for a custom ISA by lifting instructions to Binary Ninja IL. Read the "Pot of Gold" write-up (kudos to @bl4sty for creating the challenge): synacktiv.com/publications/l…
1
53
176
14,540
vic retweeted
18 Dec 2023
To facilitate reverse-engineering of large programs, vulnerability research and root-cause analysis on iOS, Android, and other major platforms, @myr463 and @Hexabeast released Frinet, a tool combining Frida with an enhanced version of Tenet.
synacktiv.com/publications/f…
1
167
439
34,093
vic retweeted
1 Sep 2023
Sometimes simple is best. See how @SidewayRE exploited a 9-year-old Linux kernel bug at #Pwn2Own Vancouver 2023!
synacktiv.com/publications/o…
2
90
186
15,033
vic retweeted
7 Jul 2023
[ZDI-23-900|CVE-2023-35001] (Pwn2Own) Linux Kernel nftables Incorrect Pointer Scaling Local Privilege Escalation Vulnerability (CVSS 7.8; Credit: Tanguy DUBROCA (@SidewayRE) from Synacktiv (@Synacktiv)) zerodayinitiative.com/adviso…
12
19
3,149
vic retweeted
12 May 2023
🍏iOS is all the rage nowadays: that's where the good stuff is located for nation-state attackers and is gulping down every world-class researcher it can hire …
Bootstrap your iOS research at #HEXACON2023 thanks to @v1csec and Etienne Helluy-Lafont: hexacon.fr/trainer/cutillas_…!
13
24
15,660
Do you want to get started in iOS security research? I am giving an iOS training at @hexacon_fr with another @Synacktiv ninja!
See you there :)
9 May 2023
#HEXACON2023 trainings have been announced! Come and register to our "iOS for Security Engineers" course 🍎
4
8
31
7,343
vic retweeted
18 Jan 2023
Watchout! CVE-2023-22809 on Sudo was patched today to prevent a privilege escalation on sudoedit. Read the security advisory by @aevy__ and @v1csec: synacktiv.com/sites/default/…
7
153
300
49,897
Definitely spent a very good time at @hexacon_fr! Amazing place, high quality talks and great people, what else could be said?
10
vic retweeted
12 Oct 2022
Today I share with you #RustHound🦀. A new AD collector written in #Rust for #BloodHound!
It is cross-platform, cross-compiled and generates all json files needed.
Other modules will be available as under development!🔥
Hope you will enjoy it!
github.com/OPENCYBER-FR/Rust…
12 Oct 2022
@OPENCYBER_FR release #RustHound as open-source. A new AD collector written in #Rust for #BloodHound!
It is cross-platform, cross-compiled and generates all JSON files needed.
Other modules will be available as under development!
opencyber.com/rusthound-data…
github.com/OPENCYBER-FR/Rust…
3
64
201
J'ai eu l'occasion de donner mon premier talk "Attacking SUID binaries" à RumpÀRennes mardi soir !
Merci à @securinsa pour cette première édition organisée avec soins, je reviendrai avec plaisir :)
1
28
vic retweeted
16 Oct 2022
.rar 0x1 c'est fini!
Merci pour votre présence ! Nous remercions encore une fois @Synacktiv, qui nous a fait confiance, pour notre premier événement.
Également les intervenants pour leur supers conférences.
⬇️👀📸@TheLaluka
2
6
21
Content de participer en tant que speaker à cette première édition de @securinsa !
Il est temps de partager l'expérience acquise à @Synacktiv :)
28 Sep 2022
[J-13] À 20h25, on passera à “Attacking SUID binaries” qui sera présentée par @v1csec à 20h25.
1
2
23
vic retweeted
14 Sep 2022
SAVE THE DATE - Mardi 11 octobre 20h00 - 01h
Pour prendre vos places, c'est ici à 18h: helloasso.com/associations/s…
24 Aug 2022
SAVE THE DATE - Mardi 11 octobre 20h30 - 01h
C'est avec plaisir que nous annonçons le premier event de Sécur'Insa: Rumps à Rennes.
Au foyer de l'INSA Rennes le 11 octobre prochain 😎
Vous avez une idée de talk ? Alors stay tuned pour l'ouverture du CFP !
2
11
16
vic retweeted
18 Mar 2022
Croissants, red wine and high-quality offensive security talks in a wonderful place? That's all the Hexacon team is promising for October 2022.
Details and Call For Papers are coming very soon... Until then, a bit more teasing for you folks: hexacon.fr/
#HEXACON2022
1
86
118
vic retweeted
3 Jan 2022
PhD candidate in Programming Languages nearing thesis submission looking for (ideally remote) positions from Oslo, Norway. Some topics I'm interested in are compilers, verification, security, and cryptography. DM for resume! RTs appreciated😊
5
58
68
vic retweeted
5 Nov 2021
We did it 😃! What a blast to be part of a team able to claim the title of Master of Pwn! Kudos to all other participants and to @thezdi for the flawless organization.
Let’s wait for the patches, then we’ll share the technical details with the community 🤙
5 Nov 2021
Here are the final Master of Pwn standings. Congrats to @Synacktiv on claiming the title. It was a close race, but they pull through.
7
32
188