PwnMe CTF 2025 2025 finals were intense! 12 teams from 9 countries battled it out at ecole2600 25 hardcore challenges, 9h of hacking, pizza & passion🍕⚡ 🥇Huge GG to RedRocket.Club for the 1st place! Massive shoutout to all players, speakers, and sponsors. See you in 2026!

While casually reading Moodle's code @coiffeur0x90 found a SSRF bug exploitable by any authenticated user. Fun twist? This vuln matches exactly the example Orange Tsai 🍊 presented at Black Hat 2017. Real life imitates conference slides 😅 Details here: blog.quarkslab.com/auditing-moodl…

During last week, I've played FCSC2025 and managed to reach first place in the web category ! I've written two writeups this year: one about pwning a Chrome extension, and another about a PostgREST service. worty.fr/post/writeups/… worty.fr/post/writeups/… Enjoy the read !

The #FCSC2025 ended yesterday, and my write-ups are now available here 👇 mizu.re/post/fcsc-2025… Btw, like every year, all the challenges have also been added to hackropole.fr! 🚩 1/2

Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS? It's ProxyBlob, a reverse proxy over Azure. Check out Atsika's article on how it came to exist after an assumed breach mission ⤵️ 👉 blog.quarkslab.com/proxyblobing-i…

ProxyBlob is alive ! We’ve open-sourced our stealthy reverse SOCKS proxy over Azure Blob Storage that can help you operate in restricted environments 🔒 🌐 github.com/quarkslab/prox… Blog post for more details right below ⬇️

Quarkslab was glad to sponsor the Real World Cryptography Paris Meetup 4 hosted by Ledger last night. Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations. You can learn more about it here: quarkslab.github.io/crypto-condor/…

Our client base has been feeding us rumours about in-the-wild exploited SonicWall SMA n-days (CVE-2023-44221, CVE-2024-38475) for a while... Given these are now CISA KEV, enjoy our now public analysis and reproduction :-) labs.watchtowr.com/sonicboom-from…

🎤 "How we successfully failed a Red Team ?" Un talk drôle et formateur par Rayan Bouyaiche (rayanlecat ) & Brahim El Fikhi sur leur 1ère mission Red Team : fails, réussites, intrusion physique & conseils pour les juniors en cyber. 🔥 #CTF #RedTeam #CyberSecurity

Back in December, we disclosed numerous vulnerabilities to SysAid (who struggle to use email, it seems..) - eventually building a full pre-auth RCE chain. Join us on yet another journey..... labs.watchtowr.com/sysowned-your-…

pappy from quarkslab, our keynote speaker marks the start of 2nd edition of Off-By-One Conference with his highly anticipated presentation 𝐒𝐩𝐲𝐰𝐚𝐫𝐞 𝐟𝐨𝐫 𝐫𝐞𝐧𝐭 & 𝐭𝐡𝐞 𝐰𝐨𝐫𝐥𝐝 𝐨𝐟 𝐨𝐟𝐟𝐞𝐧𝐬𝐢𝐯𝐞 𝐜𝐲𝐛𝐞𝐫! Off-By-One Conference go! 🚀

Tom Mansion from quarkslab in action! After a game of hide and seek, we now 𝐒.𝐇.𝐈.𝐄.𝐋.𝐃: 𝐒𝐜𝐮𝐝𝐨 𝐇𝐞𝐚𝐩 𝐈𝐦𝐩𝐥𝐞𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧 𝐄𝐱𝐩𝐥𝐨𝐢𝐭𝐬, 𝐋𝐞𝐚𝐤𝐬, 𝐚𝐧𝐝 𝐃𝐞𝐟𝐞𝐧𝐬𝐞𝐬 at Off-By-One Conference 2025!

publication of my latest modest paper; Eclipse on Next.js: Conditioned exploitation of an intended race-condition - (CVE-2025-32421) enabling a partial bypass of my previous vulnerability, CVE-2024-46982 by chaining a race-condition to a cache-poisoning zhero-web-sec.github.io/research-and-t…

Attention all #OSINT enthusiasts! 🌐 Join us for an exciting event at leHACK #OsintVillage2025 in Paris on Friday, June 27th. 🗓️ We're hosting an in-person Trace Labs Search Party to support the vital mission of accelerating the reunification of missing persons. 🌍

🚨 Réservez vos places pour #HackIn2025 ! 🚨 📅 14-15 juin @ Aix-en-Provence 🎤 Conférences top avec @agarri_fr, rayanlecat, @Shutdown, mpgn + surprise ! 💻 CTF nocturne avec 2000€ et plein de lots à gagner 🎁 Inscrivez-vous vite 👉 lnkd.in/eQkgD5sG

Looking forward to returning to x33fcon with a brand new talk on bringing your own OIDC provider and play around with Entra external auth methods, federated credentials, and more!

Next week I’ll be at Hack'In giving a talk with NOODLE, and I’ve created an Active Directory lab for the CTF. If you’re interested, grab your spot ➡️ helloasso.com/associations/h…

🚀 Alpha drop: TTP.Exchange is live! A gated marketplace where vetted security researchers & red-teamers trade battle-tested TTPs that still beat modern defenses. Explore, stress-test, and send us your feedback so we can build it right. 🔐🛠️

🔍 New research on a niche technique to abuse "GPP Local Users and Groups" to elevate privileges locally through sAMAccountName hijacking. This research comes with a new GPOHound update to detect this misconfiguration. 🔗 Read more: cogiceo.com/en/whitepaper_…

Can you get them all 🔥 CTF still on going, good luck everyone !