Reverse-engineering
Synacktiv relies on a team of reversers able to test the security of software solutions - whether obfuscated or not - without having the corresponding source code
Our versatile experts can audit consumer as well as industrial programs and operating systems, regardless of their intended media: computer, phone, networking or industrial equipment, IoT, etc.
EXAMPLES OF ENGAGEMENTS
- Blackbox analysis of a proprietary DRM solution
- Reverse-engineering of a decoding video stream kernel module, as part of a security assessment
- Exploitation of a use-after-free vulnerability allowing privilege escalation on the audited system
Tools
IDA Pro, Ghidra, Binary Ninja, jeb, BinDiff, x64Dbg, Windbg, Frida,
QEMU, LLVM, AFL, libFuzzer
QEMU, LLVM, AFL, libFuzzer
Latest articles
Extraction of Synology encrypted archives - Pwn2Own Ireland 2024
This article features the reverse engineering of Synology encrypted archives extraction libraries and the release of a script able to decrypt these archives. The tool is available on Synacktiv's GitHu
...
Let Me Cook You a Vulnerability: Exploiting the Thermomix TM5
This article delves into vulnerability research on the Thermomix TM5, leading to the discovery of multiple vulnerabilities, which allow firmware downgrade and arbitrary code execution on some firmware
...
From cheap IoT toy to your smartphone: Getting RCE by leveraging a companion app
In this article, we will go through some vulnerabilities we found in an Android application, allowing us to take control of a recent smartphone by faking the drone itself.
...
Contact us
Do not hesitate to contact us to tell us about your needs. Our sales team is at your disposal to answer all your questions.
Team leader
Pauline Donon
Business Contacts
