SPONSOR
Next, we continue our tour by warmly welcoming #Synacktiv as a #pts23 Silver sponsor! 💙

We are **really** grateful to the company for supporting us since 2019 🙏

#Synacktiv provides you Security services (audits, pentests ...), security products, trainings and CSIRT services.

On the FLOSS side, @Synacktiv ninjas often audit Free Software projects as CVE-2023-22809 found on Sudo has recently proved it 👍

Ref : https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf

@0xMitsurugi the offsec session of @passthesaltcon usually provided at approx. 75% by ... #synacktiv 😅​

Great primer on #Windows authentication mechanisms over HTTP by #Synacktiv

https://www.synacktiv.com/publications/dissecting-ntlm-epa-with-love-building-a-mitm-proxy.html

https://www.synacktiv.com/en/publications/a-study-on-windows-http-authentication-part-ii.html

https://github.com/synacktiv/Prox-Ez

The #Synacktiv team succeeds in exploiting a #Canon printer, however, they used a bug previously seen in the contest. They win $5,000 and 1 Master of Pwn point.

I really enjoyed to go through this slides and to learn how this amazing guys pwned the #Sonos One Speaker.

Always good to see write-ups in such a great quality.
https://www.synacktiv.com/sites/default/files/2022-11/sonos.pdf

#synacktiv #infosec #pwn

Canon patched the heap overflow vulnerability in CADM service in ~2 months. Honestly, that's impressive. #pwn2own2021 #BlackAlps22 #synacktiv