Here we are! Come by our booth and say hi 😀 #OffensiveCon

Our second talk of the day was Hooking Windows Named Pipes by Thomas

The last Sthack talk was David B talking about the Tesla WallConnector ⚡️

For the second year in a row, we managed to get first place at the #HackTheBox Business #CTF 2025! 🥇 Congratulations to GMOサイバーセキュリティ byイエラエ株式会社【公式】 and Downscope and thanks to Hack The Box for the fun challenges! 🥳

To those who set the bar 🥂 Global Cyber Skills Benchmark 2025 is over, and the leaderboard has spoken. Huge congrats to the top corporate #cybersecurity teams who crushed it in this global competition: 🥇 Synacktiv 🥈 GMOセキュリティ24 |Webサイトリスク・パスワード漏洩診断 | セキュリティAI相談 🥉 downscope.org #HackTheBox

We are at SSTIC! If you want to have a chat, our ninjas are easy to spot 🥷

For our second talk of the day, Florian presents Mofos, a virtual machines manipulation framework to mimic QubesOS on a standard Linux distribution #SSTIC2025

It's now time for aevy and Paul Barbe to present Azure conditional access policies ☁️ #SSTIC2025

For the final talk of the Synacktiv track, Antoine Gql and Oposs give a retex on post-quantum cryptography #SSTIC2025

We also gave a few short talks to end the day! #SSTIC2025

We still have a few talks for #SSTIC2025 last day! This morning, Hugo Clout presents 2 proxy tools used during pentests 🌐

For our last talk, @croco_byte explains how to exploit SCCM policies to harvest credentials 🔑 #SSTIC2025

Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by Guillaume André and Wil. synacktiv.com/publications/n…

☁️ Already wrapping up our 3-day offensive Azure training at #x33fcon! Huge thanks to the x33fcon team for hosting us, and to all our amazing students for their energy, curiosity, and sharp questions throughout the session. Now it’s time to switch gears — conference mode on! 🎤

On stage at #x33fcon for the lightning talks! Web payloads management, EDR bypasses and insights into CVE-2025-33073🔥

Our ninja kalimero is now on stage at #x33fcon to talk about his journey from dissecting SCCM until the discovery of the critical CVE-2024-43468 and the post-exploitation opportunities🔥

While performing penetration tests on SAP Financial Consolidation, our ninjas laxa and Alexis Danizan discovered an authentication bypass for local accounts including the built-in ADMIN account, leading to the underlying system compromise: synacktiv.com/en/advisories/…

🚨 Still a few days to register for our Azure Intrusion for Red Teamers training at #BHUSA! Very hands-on, full kill chain from zero to Global Admin with stealth in mind. Secure your seat now! blackhat.com/us-25/training…

Our experts took the stage at Pass the SALT Conference yesterday and this morning to present their latest offensive security research and tools! Keycloak, named pipes MITM and more! Slides and recordings coming soon 👀

gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: github.com/synacktiv/gpoP… It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.