Orange Cyberdefense's SensePost Team
@sensepost
Work like hell, Share all you know, Abide by your handshake, Have fun. - Dan Geer
Unsatisfied with merely relying on reFlutter to do its magic, Jacques dove deep to understand how Flutter's SSL pinning in Android works, and how to intercept it with Frida. sensepost.com/blog/2025/inte…
Dropping Teams malware via the browser’s cache - part II of @Defte_'s Browser Cache Smuggling covers his Insomni’hack talk with end to end weaponisation sensepost.com/blog/2025/brow… Demo: youtu.be/tIveWYfYcCI
Quite stoked to be speaking at @defcon 33 this year, presenting: "7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built". Reversing, exploits, disclosure pain - it has it all, and it's going to be fun! 💥 See ya soon Vegas. ☀️
After @felmoltor argued about dependency confusion & supply chain attacks & was confused with the feasibility of doing this in 2025, he decided to take a practical approach & create his own tool 📷 to detect Orphan and Misspelled packages 📷: sensepost.com/blog/2025/deps…
Did we mention it's all in the cloud and you can get extended lab access and office hours after support ...
Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu driven attack tooling. When @sensepost built the 3rd iteration of our wifi hacking course for @BlackHatEvents - we did it to show what really works & how it works. 1/7
Visiting the @sensepost offices today, such nostalgia, and the new office is really nice 🤩
Diving Into AD CS: Exploring Some Common Error Messages - @sensepost sensepost.com/blog/2025/divi…
Whipped together a SOCKS5-over-any-transport feature today for the c2 & implant used in @sensepost purple teaming / emulation exercises. Here I have a cURL request, over an ICMP channel, funnelling HTTP requests in and out via our implant :D Fun! 😄🔥
Time to sign up for @BlackHatEvents trainings. I attended @codemachineinc last year, highly recommended! Also if not your are not fully into Exploit dev , check out @sensepost training :)
GLPI (popular in France & Brazil) versions 9.5.0-10.0.16 allow hijacking sessions of authenticated users remotely. The details & process of discovering the vulnerability is detailed by @GuilhemRioux here: sensepost.com/blog/2025/leak… Tooling: github.com/Orange-Cyberde…
Glad to publish a blog post on a critical vulnerability I found some months ago on GLPI, that impacts all default installation under a certain version: sensepost.com/blog/2025/leak… We also released a tool that implements some check for known vulnerabilities: github.com/Orange-Cyberde…
Using frida-trace to hook thousands of methods in one go and get clean, readable output for large, obfuscated mobile apps 📲. Another post from Reino’s to level up your dynamic analysis: sensepost.com/blog/2025/usin…
Reino takes his NoSQL injection series a bit further with (maybe) new techniques for more efficient error based NoSQL injections in this follow up post: sensepost.com/blog/2025/nosq…