Stéphane Emma

A HUGE thank you to everyone who made this our biggest FLARE On challenge yet! You can get all of the solutions to #FLAREOn6 on our blog: http://bit.ly/2nkMnRy pic.twitter.com/jAjmVPbOmX

A tous les francophones passionnés d'#impression3D, d'#imprimante3D, de #DIY, d'#arduino, etc. J'ai créé une instance RocketChat afin de pouvoir échanger sur ces sujets. L'accès est ouvert à tous. Plus d'info: http://paul3ddesign.com/chat.html  N'hésitez pas à partager et à RTpic.twitter.com/vOAfZwJ2Wy

Are you interested by more #DNS hijacking? Look at our #SeaTurtle research: https://blog.talosintelligence.com/2019/04/seaturtle.html?m=1 … We identified an actor (different than DNSpionage) targeting primarily national security organizations in the Middle East and North Africa. The modus operandi is really smart...pic.twitter.com/ZwEuZVi7PE

PoC||GTFO Issue 0x19 has now been processed by the amazing Internet archive, so you can now read it online without downloading anything. https://github.com/angea/pocorgtfo/blob/master/README.md#0x19 …pic.twitter.com/YckABqQGI4

Slides + Demo (functional this time ^^) + source code commited on my Github repository https://github.com/kmkz/PowerShell/tree/master/BsidesDublin-2019 … #bsidesdub2019 #BSidesDublin cc @BSidesDublin @Securityblog and others !! Thank you for this opportunitypic.twitter.com/OJzTOJrNmH

Our research about #GlitchPOS is online: https://blog.talosintelligence.com/2019/03/glitchpos-new-pos-malware-for-sale.html … A #POS malware developed by the author of #DiamondFox. It's interesting to see that someone stole his work & is trying to sell it on another platform. Look the promotion video, we put in the post with @SecurityBeardpic.twitter.com/tH446NupgU

only few days after #offensivecon19 : firmware extract. (cc @defane), emulation, fuzzing->1st #IoT stack based BoF triggered and it will not be the last one I think (NX only) thx @therealsaumil for the training :Dpic.twitter.com/eoj20Al03n

macOS: how to gain root with CVE-2018-4193 in < 10s https://www.synacktiv.com/ressources/OffensiveCon_2019_macOS_how_to_gain_root_with_CVE-2018-4193_in_10s.pdf … #MacOS #Vulnerability #Exploit #ExploitDev #Pentestpic.twitter.com/77TTVncDv4

A bit old but could be useful for ur next #pentest : full #RCE for stored #XSS and more through (not up-to-date) Edge/I.E browsers. #CVE-2018-8495 payload: https://github.com/kmkz/exploit/blob/master/CVE-2018-8495.html … - Initial paper https://leucosite.com/Microsoft-Edge-RCE/ … #Pentesting #pentestpic.twitter.com/dh1RoAZ0W1

Post @offensive_con ARM exploitation challenges for students and non-students alike: warm up #DVAR Damn Vulnerable ARM Router: https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html … Next smash the ARM ROP challenge: https://blog.exploitlab.net/2018/03/dvar-rop-challenge-bonus-round-unlocked.html … Next ARM IoT Exploitlab #cansecwest https://cansecwest.com/dojos/2019/exploitlab.html …pic.twitter.com/1AOMzSKUYR