Security audit
Synacktiv offers you the opportunity to evaluate your maturity level in cybersecurity by performing in-depth audits of the critical elements within your infrastructure or applications
Because they require a great knowledge and mastery of different technologies, technical security audits are often overlooked by companies in favor of penetration tests. At Synacktiv, we believe that securing an asset also involves understanding the way it works precisely.
EXAMPLES OF ENGAGEMENTS
- Audit of an operator's core network (configuration analysis of the firewalls, routers, switches, etc.)
- Audit of a connected CCTV system (physical security of the hardware, stream protection, robustness of the authentication interfaces, etc.)
- Audit of a network diode solution (hardware and software configuration, segmentation between network interfaces, etc.)

Tools
O-ditor (internal exploitation and analysis tool), Disconet, Kraqozorus,
regexp, scripting, database, elbow grease
Latest articles
What could go wrong when MySQL strict SQL mode is off?
This article shows some examples of attacks that can abuse MySQL behavior when the strict SQL mode is disabled, especially when string characters are invalid in the current encoding. This happens when
...
The Phantom Extension: Backdooring chrome through uncharted pathways
The increasing hardening of traditional Windows components such as LSASS has pushed attackers to explore alternative entry points. Among these, web browsers have emerged as highly valuable targets sin
...
Dissecting DCOM part 1
This is the first article on the "Dissecting DCOM" series. This article aims at giving an introduction to the base principles of COM and DCOM protocols as well as a detailed network analysis of DCOM.
...