Home
Our Services
Our catalog
Security Assessments
Live/In-person Trainings
5G Radio and core networks hacking
Mobile hacking with SDR
Practical Core Network Hacking
Red Team OTA: Physical Intrusion Systems
Red Team Wi-Fi: Modern Techniques
RF Hacking with SDR
Tailored: Wireless, software and hardware
On-demand trainings
Introduction to RF Hacking with SDR
IoT Hacking with SDR - full bundle
Red Team OTA (FR) : Intrusion Physique RF
Red Team RFID: open most of the gates!
Red Team Wi-Fi: modern techniques
SDR Hacking with GNU Radio
Questions
You have any questions?
Contact us!
Resources
Projects and tools
Publications
Blog
About Us
Contact
Publications
Home
Publications
Our past publications
Sept 15th, 2024
RF Swift: a swifty toolbox for all wireless assessments
Spectrum 2024
Slides
Sept 14th, 2024
Car Hacking: With and Without Wires for Tires
PraSec
Slides
Sept 6th, 2024
Intercepting 2G Traffic on Windows with RF Swift
YouTube Channel
Jun 6th, 2024
Connected cars: scary RF signals & possible RCEs
WarCon 2024
Slides (later)
Jun 5th, 2024
Automotive Security
WarCon 2024
Slides
Link - slide 7
Link - slide 9
Jun 6th, 2024
RF swift: a swifty tool for RF security assessments (
SSTIC 2024 - Rumps
Link
Now 13th, 2023
Automotive scary signals and potential RCE
DEFCON Paris
Slides
Now 7th, 2023
Shrinking Giants with HAROGIC: Testing the Latest Compact Spectrum Analyzers on a Budget!
YouTube channel
Oct 8h, 2023
Attacking IoT Devices through 5G interface
PraSec 2023
Slides
Jul 1st, 2023
Spectran V6 RTSA 2000X (1st review): the good, the bad and the ugly
YouTube channel
Jun 17th, 2023
5G Attacks on IoT
ESIEA Secure Edition
Slides
Feb 10th, 2023
Unlocking THE wideband on bladeRF 2.0<
YouTube channel
Aug 15th, 2022
Flipper Zero: Want some good news?
YouTube channel
Jul 31st, 2022
Flipper Zero: is this for you? Follow our 1st tests!
YouTube channel
Jun 24th and July 5th, 2022
RF Signal Hunting with Machine and Deep Learning
WarCon 2022 & Pass The Salt 2022
Slides
The Jupyter Notebook
Mar 10th, 2022
Intruding 5G SA core networks from outside and inside
GSMA FASG#22
Slides
Feb 2nd, 2022
Exploitation Log4shell on car's charging stations
Penthertz' YouTube channel
Jan 14th, 2022
A powerful Red Team & Pentest ToolBox with the GPD Pocket 3 laptop
Penthertz' YouTube channel
Jan 11th, 2022
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
Trend Micro's blog
Summary
Complete article
Dec 23rd, 2021
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
Trend Micro Blog
Article
Dec 23rd, 2021
5G Core SA Network intrusions
Penthertz' YouTube channel
Nov 20th, 2021
Bug hunting in 5G-NR devices and networks
No Hat 2021
Slides
Nov 4th, 2021
RF Bugs and their detection
GS Days 2021
Slides
Oct 21st, 2021
Forced Entry: A Security Test for Automatic Garage Doors
Trend Micro Blog
Article
Detailled paper
Oct 16th, 2021
RFID secrets with ICopy-X: iClass SE, secret of tags, teardown and more
Penthertz YouTube Channel
Sep 15th, 2021
Hack RFID fast with ICopy-X during Red Team engagments
Penthertz YouTube Channel
Sep 9th, 2021
Tackle rolling code with PandwaRF
Penthertz YouTube Channel
Mar 30th, 2021
V2RF - Assessing car's RF communications
ASRG Webinar
August 23th, 2021
RollD.O.R Attacks - Getting permanent accesses in garages
Penthertz YouTube Channel
Mar 30th, 2021
Protecting LoRaWAN Hardware from Attacks in the Wild
Trend Micro blog
Article
Detailled paper
Feb 19th, 2021
Gauging LoRaWAN Communication Security with LoraPWN
Trend Micro Blog
Article
Detailled paper
Jan 27th, 2021
LoRaPWNing: Practical Radio Attacks on LoRaWAN
The Things Conference
Slides
Jan 26th, 2021
Low Powered but High Risk: Evaluating Possible Attacks on LoRaWAN Devices
Trend Micro Blog
Article
Detailled paper
Dec 2nd, 2020
Deep dive into LoRa(WAN) RF and Hardware Security
OWASP Czech Meetup 2020
Nov 27th, 2020
LORAPWNING - JAK ATAKOWAĆ I ZABEZPIECZAĆ PROTOKÓŁ LORAWAN
OMYHACK 2020
Link
Nov 11th, 2020
Introduction to IoT hacking with SDR
Semana de INFormática (SINF) 2020
Slides
Apr 22nd, 2020
RF Shadow Plays
Slides
Mar 14th, 2020
Smart grid (in)security
CiderSecCon 2020
Slides
Feb 4th, 2020
Introduction to mobile network intrusions from a mobile phone
Link
Nov 3rd, 2019
TIBCO JasperReports Server XML Entity Expansion Vulnerability (CVE-2019-8986)
Document
Oct 24th, 2019
V2G Injector: Whispering to cars and charging units through the Power-Line (extended version)
t2 infosec
Slides
Oct 3rd, 2019
Huawei ManageOne ServiceCenter ACL Bypass
Software-Defined Network
Document
Aug 1st, 2019
TRF7970A forgotten features for HydraNFC
Paged Out! Issue #1
Article
Jul 6th, 2019
The return of FAIFA and HomePlugPWN: Make Power-Line Communication hacks great again!
leHack 2019
Slides
Jun 7th, 2019
V2G Injector: Whispering to cars and charging units through the Power-Line
SSTIC 2019
Slides
Paper
Mar 19th, 2019
Modmobtools: Internals, updates and more
Troopers Telco Sec Day 2019
Slides
Mar 18th, 2019
Modmob tools and tricks: Using cheap tools and tricks to attack mobile devices in practice
Troopers NGI 2019
Slides
Feb, 2019
Attacking mobile devices from GPRS to LTE
MISC magazine HS #19
Link
Nov 19th, 2018
PentHertz: The use of radio attacks in red team and pentests
Security PWNing 2018
Slides
Jun 14th, 2018
Modmobjam: Jam tomorrow, jam yesterday, but also jam today
SSTIC RUMP 2018
Slides
May 31st, 2018
Modmobmap: The modest mobile networks mapping tool
BeeRump 2018
Slides
Apr 10th, 2018
Missing XML Validation vulnerability in SAP Control Center and SAP Cockpit Framework
Link
Sep, 2017
Radio communication penetration testing
MISC Magazine HS #16
Link
Jun 8th, 2017
Out-of-control cars!
SSTIC RUMP 2017
Link
May 23th, 2017
IoT Hacking - the case of Intercoms (with little updates since 33C3)
OSSIR 2017
Slides
Dec 28th, 2016
Intercoms Hackings, when frontdoors become backdoors (more detailed)
33c3
Slides
Dec 28th, 2016
House intercoms attacks, when frontdoors become backdoors (including progresses on 3G intercoms)
Hack.lu 2012
Slides
Jul 2nd, 2016
House intercoms attacks, when frontdoors become backdoors
Nuit Du Hack 2012
Slides
Paper
Jamming attack recording
Jun 7th, 2016
Mobile communications: practical attacks using cheap equipment
Business France 2016
Slides
Feb 1st, 2016
CVE-2016-3513, CVE-2016-3514, CVE-2016-3515 and CVE-2016-3516 in Oracle ECB and COM products
May 1st, 2015
CVE-2015-6409: Cisco Jabber STARTTLS Downgrade Vulnerability
Document
Apr 15th, 2015
How to hack the Blackphone, the "NSA-Proof" smartphone
01net.com magazine
Oct 19th, 2014
HomePlugAV PLC: Practical attacks and backdooring
NoSuchCon 2014
Slides
Paper
Oct, 2012
Fuzzing the GSM Protocol Stack
Hack.lu 2012
Slides
Jul, 2012
Applicative security in Linux
MISC #62
Link
2010
Introduction to USRP: hardware, radio, digital processing, and GnuRadio
HackerzVoice
Slides
Subscribe to our mailing list
New content, events, products, services, and more!
*
indicates required
Email Address
*