Mobile banking is often more secure than web banking, thanks to closed operating systems. In today’s climate of economic uncertainty and the need for tighter financial control, securing mobile banking apps isn’t optional; it’s essential. Is your mobile app built with security at

Excellent presentation from Nathan Blondel on bypassing kCET, HVCI, & working with the shadow stack! Follow him! Recording below. I'm giving away a $100 Amazon gift card to whoever leaves the most interesting question on YouTube related to the stream! youtube.com/live/g4RbPzaMa…

My talk about the recent SMM architecture and security at TheSAS2025 : youtube.com/watch?v=AIGj6Q… The conference was well organized and had plenty of networking opportunities. Though, the best thing was the venue :) It is at a beautiful resort again this year, so you will love it.

🙋We've created a new Requests For Proposals (RFPs) page seeking instructors for classes we could potentially fund the development of in the future thanks to Partners (or potential Partners). Instructors and potential instructors should check it out here: ost2.fyi/Training-RFPs.…

Really nice

This tool is just amazing ! Give it a try you will be surprised how it will make you pentesting life more comfortable ! inferieur 3

Some athletes swear by ice baths, infrared saunas and deep tissue massage. For this Catalan trail running and mountaineering icon, the secret to two decades of record-breaking performances is much simpler. bit.ly/3XLMl3Q

In recent incident responses with an Ivanti CSA compromise as the root cause, Synacktiv's CSIRT came across open-source tools used for post-exploitation. Our ninja Cybiosity explores their functionalities and discusses detection capabilities. synacktiv.com/en/publication…

We’re happy to announce a new Ostorlab release. This update introduces targeted Attack Surface scan profiles, GitHub integration for in-line vulnerability comments, and improved privacy analysis with 21 new data categories. We’ve also added QPS rate limiting, expanded

FastCGI library internals and exploitation synacktiv.com/en/publication… Credits Synacktiv #infosec

Last PR pushed! Here we go! Drive to the Atlas Mountains, then the Moroccan desert to pick roses in Megouna city What an adventure! Making the guys leave their computers, their lines of code, and their PRs for a road trip was the hardest part of it all. We went for more than

Our second talk of the day was Hooking Windows Named Pipes by Thomas

This is a good resource on how to use github.com/0vercl0k/wtf to find bugs in Microsoft's Defender Malware Protection Engine 🔥: labs.infoguard.ch/posts/attackin… by Manuel Feifel

Reverse Engineering iOS Shortcuts Deeplinks by Alex Beals blog.alexbeals.com/posts/reverse-…

Ca y est, le SSTIC 2025 a commencé, Jean-Romain Garnier vous présentera ses travaux sur l'outil afl-cov-fast aujourd'hui à 16h15. Venez nombreux !

Le #SSTIC 2025 continue, et Nicolas Devillers et Arnaud Fontaine vous présenteront leurs travaux sur la conception et l'usage de notre outil soxy le 6 Juin à 10h15. Venez nombreux !

I guess AI isn't all bad... I asked ChatGPT to explain to me why so many people without any visible talent are famous. Its fair response gave me hope. 😂

Windows Native API Programming course is now available on Trainsec! trainsec.net/courses/window…

We're excited to announce a major new release of x64dbg! The main new feature is support for bitfields, enums and anonymous types, which allows all types in the Windows SDK to be represented and displayed 🔥

If there's interest I was thinking about doing a stream for an hour this Friday while I'm teaching a class on introductory Windows exploit development. Next Friday I'm hoping to continue turning the recent patch diff we did on ole32.dll into a crash condition PoC.