Our ninja Cybiosity explored Veeam Backup & Replication's metadata to remotely list backup restoration points. Read how a Velociraptor artifact can ease remote forensics of Veeam backups in our latest blogpost. synacktiv.com/publications/u…

In my new blog for Check Point Research I propose a new injection technique, using the Thread Name API - check it out! 💙

Neat tool to convert sigma rules to other detection / querying languages : github.com/magicsword-io/… Excited to see what it'll become over the years 👀

I’m giving away 10 FREE signed copies of our new book, Black Hat Bash! 🎉 Want one? Repost for a chance to win. #BlackHatBash #free #Giveaway

Parser for Windows 11 TabState artifact: github.com/AbdulRhmanAlfa… Really cool!

Looking for offensive trainings for the end of the year? We've got french sessions for you! Come and get trained by our best ninjas on pentesting Active Directory (2 levels available), cloud environments and attacking some hardware! 🇫🇷 More details here: synacktiv.com/en/offers/trai…

Half the tickets already sold! Checkout our four-day trainings on advanced AD and Azure exploitation and iOS internals at Hexacon in Paris this year (Sept 30th - Oct 3rd): 🌐 hexacon.fr/trainer/vincen… 🍎 hexacon.fr/trainer/meffre…

New Golang ransomware called HexaLocker and developed by a former LAPSUS$ administrator is advertised on Telegram channels. Based on a recent sample, ekt0 provides in-depth analysis of this new strain: synacktiv.com/publications/l…

The next article by Antoine Gql in our post-quantum series tackles hash-based signature schemes, including XMSS and the freshly standardized SLH-DSA (aka SPHINCS+). Sometimes, you don't need fancy maths to build robust schemes! synacktiv.com/publications/q…

We just rewrote the AsOutsider part of #AADInternals in Python to enhance compatibility and ease of use in Linux environments. You can find it here: github.com/synacktiv/AADO…

It's been really fun trying to fit my weird use case into Velociraptor ! There is still work to accomplish, but I like to think it could be useful in remote #Veeam #DFIR investigations.

A few months ago, the FreeBSD Foundation appointed us to audit two #FreeBSD critical components: the Bhyve hypervisor and the Capsicum sandboxing framework. Today, related advisories and patches have come out 🧵 1. Multiple vulnerabilities in libnv freebsd.org/security/advis…

New script to dump the KCM database of recent versions of SSSD and convert Kerberos tickets to the standard CCACHE format to ease pass-the-cache: github.com/synacktiv/kcmd…

Have you ever wondered how your PC communicates with an Android device when using adb? Check out our new blogpost! synacktiv.com/publications/d…

Dependency confusion attacks pose a significant threat to modern software development. In their blogpost, Scouty & Worty explain the risks and introduce DepFuzzer, a tool designed to detect vulnerabilities in your project dependencies: synacktiv.com/publications/f…

me after my pull request of fixing a typo gets merged into an open source project

Hello everyone! Our team loves everything related to LPE exploits. However, there is no publicly available list on the web with fresh LPE exploits (2023-2024) for Windows. However, we do have such a list. And we are sharing it with you! github.com/MzHmO/Exploit-…

If you're interested in detecting exploit scripts associated with these vulnerabilities, Sigma correlation rules are available right here: github.com/synacktiv/syna… Feel free to test them out, any feedback is appreciated 🙏

If you're interested in YARA and Sigma rules linked to this research, check them out on our dedicated repository: github.com/synacktiv/syna…

🚨 Still a few days to register for our Azure Intrusion for Red Teamers training at #BHUSA! Very hands-on, full kill chain from zero to Global Admin with stealth in mind. Secure your seat now! blackhat.com/us-25/training…