Security audit
Synacktiv offers you the opportunity to evaluate your maturity level in cybersecurity by performing in-depth audits of the critical elements within your infrastructure or applications
Because they require a great knowledge and mastery of different technologies, technical security audits are often overlooked by companies in favor of penetration tests. At Synacktiv, we believe that securing an asset also involves understanding the way it works precisely.
EXAMPLES OF ENGAGEMENTS
- Audit of an operator's core network (configuration analysis of the firewalls, routers, switches, etc.)
- Audit of a connected CCTV system (physical security of the hardware, stream protection, robustness of the authentication interfaces, etc.)
- Audit of a network diode solution (hardware and software configuration, segmentation between network interfaces, etc.)
Tools
O-ditor (internal exploitation and analysis tool), Disconet, Kraqozorus,
regexp, scripting, database, elbow grease
Latest articles
Should you trust your zero trust? Bypassing Zscaler posture checks
Zscaler is widely used to enforce zero trust principles by verifying device posture before granting access to internal resources. These checks are meant to provide an additional layer of security beyo
...
Laravel: APP_KEY leakage analysis
In November 2024, Mickaël Benassouli and I talked about vulnerability patterns based on Laravel encryption at Grehack. Although, each discovered vulnerability requires access to a Laravel secret:
...
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073
For nearly two decades, Windows has been plagued with NTLM reflection vulnerabilities. In this article, we present CVE-2025-33073, a logical vulnerability which bypasses NTLM reflection mitigations an
...
Contact us
Do not hesitate to contact us to tell us about your needs. Our sales team is at your disposal to answer all your questions.
Team leader
Julien Legras
Business Contacts
