Pentest, Reverse, Développement

1850

COMPLETED
MISSIONS

1850 services were carried out by Synacktiv teams since the creation of the company. Initially specialized in penetration tests and security audits, Synacktiv is now able to meet different needs thanks to its four areas of expertise: pentest, reverse engineering, development and incident response.

188

REGULAR
CLIENTS

Synacktiv has worked with 188 clients so far. We consider our clients as partners with whom it is essential to build trust relationships.

MARKETED
TOOLS

We sell 5 tools dedicated to intrusion tests. These tools are developed internally and allow you to automate and optimize your security tests.

210

PUBLICATIONS

Our employees have written 210 publications over the last few years. These articles tackle various topics and reflect the knowledge and skills developed by our experts.

Vulnérabilité identifiée - Cybersécurité Paris

150

IDENTIFIED
VULNERABILITIES

150 public vulnerabilities have been identified by our team members as of today. This figure reinforces the importance of conducting security audits on a regular basis or calling on reverse engineering teams to ensure the integrity of your information system is safeguarded.

WHO CAN ASSERT NOT TO OWN ANY CONNECTED DEVICE NOWADAYS? COMPUTERS, SMARTPHONES, TABLETS, TELEVISIONS, DOMOTICS ... WE LIVE IN AN ULTRA-CONNECTED WORLD AND THIS IS NOT LIKELY TO CHANGE ANYTIME SOON.

Information has become the most valuable asset in the social, political and industrial contexts. Therefore, the protection of information assets often turns out to be crucial when it comes to ensuring the sustainability of industrial or state organizations - although at first glance it may appear to represent additional costs with no return on investment.

The press increasingly spreads the word about the disclosure of users' personal data, ransom demands via ransomware and compromises of large companies. The resources deployed to safeguard data are increasing at the same pace as those engaged to breach through the security barriers.

Cybersécurité

Cybersecurity is now the crux of the matter

Political and industrial espionage

Ransom demand via ransomware

Reputational damage

Destruction of information assets

Case study

Most frequent cases

Spear-phishing

Our team sends a malicious email to a dozen user. Two users enable the macro, which allows us to take over the workstations. The team then pivots towards the internal network, escalates privileges and exfiltrates the mission trophies.

Vulnerable front-end server compromise

Our team identifies a critical vulnerability in an application exposed on the Internet, compromises a server, then another, and gradually accesses the internal network to demonstrate to the mission's sponsor that it is possible to access the defined trophies.

Reuse of authentication secrets

The team finds the passwords of several employees in public data breaches. Some passwords are still valid on an extranet which does not require two-factor authentication. A vulnerability on this extranet leads to the compromise of the internal domain and to the retrieval of sensitive data.

SYNACKTIV, A GUARANTEE OF TECHNICAL EXPERTISE

At Synacktiv, we make it a point of honor to ensure our clients' satisfaction. Such a result can only be achieved through state-of-the-art technical expertise and a thorough understanding of today's threats. Because we strive for constant improvement, we take part in international conferences and "Capture the Flag" competitions to perfect our knowledge and intrusion techniques.

Témoignages

Testimonials

Our expertise allows us to meet our clients' requirements precisely and to focus on the aspects they deem most important.

Sébastien Gaïde

CTO

Experts in penetration testing, and very familiar with the technologies we use, Synacktiv proved to be an excellent choice: a perfectly mastered methodology ensuring the exhaustiveness of the test surface, up to the very detailed report allowing to further improve the security of our platform.

Marc-Antoine Lacroix

CTO

In the banking sector more than elsewhere, security is a key issue. We call upon Synacktiv on a regular basis to ensure the level of our practices, to make them evolve and to validate the security of our platform.

Fabien Desmoulins

CISO

Synacktiv's support was precious when I took over as Information Systems Security Manager of the SPB Group. The training provided by Synacktiv's teams allowed me to improve my technical knowledge and to better understand the threats.

The latest news

Relaying Kerberos over SMB using krbrelayx

Pentest

Kerberos authentication relay was once thought to be impossible, but multiple researchers have since proven otherwise. In a 2021 article, James Forshaw discussed a technique for relaying Kerberos over ...

Learn more

Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024

Exploit

Reverse-engineering

In October 2024, during the Pwn2Own event in Cork, Ireland, hackers attempted to exploit various hardware devices such as printers, routers, smartphones, home automation systems, NAS devices, security ...

Learn more

Forensic analysis of bitwarden self-hosted server

CSIRT

Bitwarden is a popular password managing software. Being open-source, it offers self-hosting capabilities with ease of use in a controlled office or home environment. Attackers might prioritize target ...

Learn more

THE ISSUES OF COMPUTER
SECURITY

WHO CAN ASSERT NOT TO OWN ANY CONNECTED DEVICE NOWADAYS? COMPUTERS, SMARTPHONES, TABLETS, TELEVISIONS, DOMOTICS ... WE LIVE IN AN ULTRA-CONNECTED WORLD AND THIS IS NOT LIKELY TO CHANGE ANYTIME SOON.