Pre-loader

Publications

Our past publications

Now 13th, 2023

Automotive scary signals and potential RCE

DEFCON Paris

Slides

Now 7h, 2023

Shrinking Giants with HAROGIC: Testing the Latest Compact Spectrum Analyzers on a Budget!

YouTube channel
Oct 8h, 2023

Attacking IoT Devices through 5G interface

PraSec 2023

Slides

Jul 1st, 2023

Spectran V6 RTSA 2000X (1st review): the good, the bad and the ugly

YouTube channel
Jun 17th, 2023

5G Attacks on IoT

ESIEA Secure Edition

Slides

Feb 10th, 2023

Unlocking THE wideband on bladeRF 2.0<

YouTube channel
Aug 15th, 2022

Flipper Zero: Want some good news?

YouTube channel
Jul 31st, 2022

Flipper Zero: is this for you? Follow our 1st tests!

YouTube channel
Jun 24th and July 5th, 2022

RF Signal Hunting with Machine and Deep Learning

WarCon 2022 & Pass The Salt 2022
Use of Machine and Deep Learning on RF Signals

Slides

The Jupyter Notebook

Mar 10th, 2022

Intruding 5G SA core networks from outside and inside

GSMA FASG#22

Slides

Feb 2nd, 2022

Exploitation Log4shell on car's charging stations

Penthertz' YouTube channel
Jan 14th, 2022

A powerful Red Team & Pentest ToolBox with the GPD Pocket 3 laptop

Penthertz' YouTube channel
Jan 11th, 2022

LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk

Trend Micro's blog

Summary

Complete article

Dec 23rd, 2021

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Trend Micro Blog

Article

Dec 23rd, 2021

5G Core SA Network intrusions

Penthertz' YouTube channel
Nov 20th, 2021

Bug hunting in 5G-NR devices and networks

No Hat 2021

Slides

Nov 4th, 2021

RF Bugs and their detection

GS Days 2021

Slides

Oct 21st, 2021

Forced Entry: A Security Test for Automatic Garage Doors

Trend Micro Blog

Article

Detailled paper

Oct 16th, 2021

RFID secrets with ICopy-X: iClass SE, secret of tags, teardown and more

Penthertz YouTube Channel
Sep 15th, 2021

Hack RFID fast with ICopy-X during Red Team engagments

Penthertz YouTube Channel
Sep 9th, 2021

Tackle rolling code with PandwaRF

Penthertz YouTube Channel
Mar 30th, 2021

V2RF - Assessing car's RF communications

ASRG Webinar
August 23th, 2021

RollD.O.R Attacks - Getting permanent accesses in garages

Penthertz YouTube Channel
Mar 30th, 2021

Protecting LoRaWAN Hardware from Attacks in the Wild

Trend Micro blog

Article

Detailled paper

Feb 19th, 2021

Gauging LoRaWAN Communication Security with LoraPWN

Trend Micro Blog

Article

Detailled paper

Jan 27th, 2021

LoRaPWNing: Practical Radio Attacks on LoRaWAN

The Things Conference

Slides

Jan 26th, 2021

Low Powered but High Risk: Evaluating Possible Attacks on LoRaWAN Devices

Trend Micro Blog

Article

Detailled paper

Dec 2nd, 2020

Deep dive into LoRa(WAN) RF and Hardware Security

OWASP Czech Meetup 2020
Nov 27th, 2020

LORAPWNING - JAK ATAKOWAĆ I ZABEZPIECZAĆ PROTOKÓŁ LORAWAN

OMYHACK 2020

Link

Nov 11th, 2020

Introduction to IoT hacking with SDR

Semana de INFormática (SINF) 2020

Slides

Apr 22nd, 2020

RF Shadow Plays

Slides

Mar 14th, 2020

Smart grid (in)security

CiderSecCon 2020

Slides

Feb 4th, 2020

Introduction to mobile network intrusions from a mobile phone

Link

Nov 3rd, 2019

TIBCO JasperReports Server XML Entity Expansion Vulnerability (CVE-2019-8986)

Document

Oct 24th, 2019

V2G Injector: Whispering to cars and charging units through the Power-Line (extended version)

t2 infosec

Slides

Oct 3rd, 2019

Huawei ManageOne ServiceCenter ACL Bypass

Software-Defined Network

Document

Aug 1st, 2019

TRF7970A forgotten features for HydraNFC

Paged Out! Issue #1

Article

Jul 6th, 2019

The return of FAIFA and HomePlugPWN: Make Power-Line Communication hacks great again!

leHack 2019

Slides

Jun 7th, 2019

V2G Injector: Whispering to cars and charging units through the Power-Line

SSTIC 2019

Slides

Paper

Mar 19th, 2019

Modmobtools: Internals, updates and more

Troopers Telco Sec Day 2019

Slides

Mar 18th, 2019

Modmob tools and tricks: Using cheap tools and tricks to attack mobile devices in practice

Troopers NGI 2019

Slides

Feb, 2019

Attacking mobile devices from GPRS to LTE

MISC magazine HS #19

Link

Nov 19th, 2018

PentHertz: The use of radio attacks in red team and pentests

Security PWNing 2018

Slides

Jun 14th, 2018

Modmobjam: Jam tomorrow, jam yesterday, but also jam today

SSTIC RUMP 2018

Slides

May 31st, 2018

Modmobmap: The modest mobile networks mapping tool

BeeRump 2018

Slides

Apr 10th, 2018

Missing XML Validation vulnerability in SAP Control Center and SAP Cockpit Framework

Link

Sep, 2017

Radio communication penetration testing

MISC Magazine HS #16

Link

Jun 8th, 2017

Out-of-control cars!

SSTIC RUMP 2017

Link

May 23th, 2017

IoT Hacking - the case of Intercoms (with little updates since 33C3)

OSSIR 2017

Slides

Dec 28th, 2016

Intercoms Hackings, when frontdoors become backdoors (more detailed)

33c3

Slides

Dec 28th, 2016

House intercoms attacks, when frontdoors become backdoors (including progresses on 3G intercoms)

Hack.lu 2012

Slides

Jul 2nd, 2016

House intercoms attacks, when frontdoors become backdoors

Nuit Du Hack 2012

Slides

Paper

Jamming attack recording

Jun 7th, 2016

Mobile communications: practical attacks using cheap equipment

Business France 2016

Slides

Feb 1st, 2016

CVE-2016-3513, CVE-2016-3514, CVE-2016-3515 and CVE-2016-3516 in Oracle ECB and COM products

May 1st, 2015

CVE-2015-6409: Cisco Jabber STARTTLS Downgrade Vulnerability

Document

Apr 15th, 2015

How to hack the Blackphone, the "NSA-Proof" smartphone

01net.com magazine
Oct 19th, 2014

HomePlugAV PLC: Practical attacks and backdooring

NoSuchCon 2014

Slides

Paper

Oct, 2012

Fuzzing the GSM Protocol Stack

Hack.lu 2012

Slides

Jul, 2012

Applicative security in Linux

MISC #62

Link

2010

Introduction to USRP: hardware, radio, digital processing, and GnuRadio

HackerzVoice

Slides

Subscribe to our mailing list

New content, events, products, services, and more!

* indicates required