From UV light to CPU register tracing: 8 years of tackling STM32 readout protection, quickly summarized.
The latest? STM32-TraceRip achieves 100% flash recovery on STM32G0: no glitching, no decapping, just reading processor state during normal execution:
π
community.penthertz.com/t/breaking-s...
Think your guest Wi-Fi is isolated from your main network? Think again.
AirSnitch (NDSS'26) breaks client isolation on every router tested: from home APs to enterprise WPA2/3-Enterprise. Full MitM in seconds, sometimes leaking WPA2 traffic in plaintext: π community.penthertz.com/t/airsnitch-...
π Want to teach kids electronics basics without buying hardware first? Check out this 3D hardware simulator right in your browser: community.penthertz.com/t/3d-hardwar...
Drop components on a protoboard, write Arduino code, and watch LEDs blink. No soldering iron needed π
Parts are still limited
Something new in our community and that deserves more attention: Breakdown of BLERP, the BLE re-pairing attacks by
Daniele Antonioli
& Sacchetti (NDSS 2026). TL;DR: the BLE standard doesn't authenticate re-pairing.
Paper + PoC indexed there:
community.penthertz.com/t/blerp-ble-...
π Great discussion on our community around CVE-2026-0714: TPM-sniffing LUKS keys on an embedded device via SPI bus. First documented attack using TPM2_NV_Read instead of Unseal. Join the thread π
community.penthertz.com/t/cve-2026-0...
A neat tool for PCB reverse engineering & troubleshooting: PCB Tracer! (Draw pins, power lines, components over high-res photos - plus an AI mode to auto-detect components) Also listed some open-source alternatives π
community.penthertz.com/t/pcb-tracer...
POV: you demo a vulnerability on stage in 2019, release a full exploitation tool (V2GInjector), present it at conferences and then get silent for some years...
...and in 2025 it finally gets a CVE because someone else reported it to CISA π
At least they credited us. Thanks CISA π€
#CVE-2025-12357
π RF Swift images v0.1.3 out! Updated Ghidra, ImHex, RF tools + new libhydrasdr v1.1.0 for HydraSDR RFOne and our special SDR++ package & more! rfswift.io
π¦ RF Swift now supports #Podman! Run your RF security lab rootless/rootful & daemonless. Auto-detects Docker or Podman at runtime. v1.0.0 "Skywave" π‘π
rfswift.io
π Annnnd new docs! rfswift realtime command explained
Speed-up your I/O streams and kill #SDR buffer underruns β‘
π rfswift.io/docs/commands/realtime/
π RF Swift v0.7.1!
New "--realtime" mode and associated features β‘ Killing SDR buffer underruns!
rfswift run -i <image> -n sdr --realtime
π‘ rfswift.io
#SDR #HamRadio #RF #pentesting #realtime
β‘ RF Swift v0.7.0 dropped!
π Image versioning support is finally here π·οΈ
No more version chaos - track your container images like a pro π»π§
π rfswift.io
#SDR #RFSecurity #OpenSource #SDR #hacking
π‘ CVE-2025-36911: Fast Pair accepts KBP requests outside pairing mode. Full Python exploit + demo with RF Swift (rfswift.io) π¬ Re-adapted for CLI
github.com/PentHertz/CV...
π RF Swift: Deploy, run, repeat! Stop wasting time on SDR setup and start hacking. Your RF toolkit, ready in seconds β‘π‘ rfswift.io
π Did you know? RF Swift can run totally disconnected! Perfect for classified environments π rfswift.io/docs/air-gap... π
#RF #Hacking #pentest #lab #disconnected #air-gapped #classified
π€―π RF Swift v0.6.5-rc4 is HERE!
π₯ Dynamic container management
πΉ Session recording
βοΈ Live bindings/caps/cgroups/ports
π³ Container upgrade system
PLUS: Complete docs for ALL commands! π
π rfswift.io
π rfswift.io/docs/commands/
ππ #RFSwift #SDR #Radio #Hacking #pentest #ham #pro
π Merry Christmas from Team Penthertz! Wishing you joy, security & a happy 2026! πβ¨π
π Merry Christmas from Team Penthertz! Wishing you joy, security & a happy 2026! πβ¨π
πβ¨ Merry Christmas & Happy New Hacking Year 2026! β¨π
As we wrap up 2025, we want to extend our heartfelt thanks to all our amazing customers and partners! π
What an incredible year it's been at Penthertz! π From drones πΈ and medical devices π₯ to transport systems ππ, 5G networks π‘, and SDR
β‘οΈ RF Swift just got an EPIC with an update! β‘οΈ
200+ tools. 19 specialized images. 3 architectures. ONE toolkit.
π¬ Reverse Engineering
π‘ SDR & GNU Radio
π± Wireless Security
π Automotive Hacking
π Telecom (2G-5G)
π§ Hardware Security
Docs: rfswift.io
β οΈ Connected alarms hacked live on French TV! Our TF1 news demo from 10 days ago π
www.tf1.fr/tf1/jt-20h/v...
π Votre alarme connectΓ©e est-elle vraiment sΓ»re ? On dΓ©montre cela au JT TF1 (il y a 10j) β οΈ
www.tf1.fr/tf1/jt-20h/v...
π π Ho ho ho #Telcoπ‘! 5GC Pentest Burp Suite ext under the tree! ππ github.com/PentHertz/5G... β¨ππ #5GSecurity
Testing a new discreet setup for some engagements powered by rfswift.io
π JUST DROPPED: Z-Attack-NG!
Next-gen Z-Wave hacking framework with FULL S2 decryption support!
π Decrypt AES-CCM encryption
β‘ Real-time packet sniffing
π¨ Modern ImGui interface
Get it now π github.com/PentHertz/Z-...
![[LONG INT*] Fluxius pirate la planète (Cybersec, HF, et britney spears)](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:u33wacfom75lvpov5cajs7zv/bafkreihzir4bc4agvmayqzs4opaumr7zpxiyvhdbb4n5ildm2zecirzpha)
Le tout dernier Γ©pisode de LONG INT * sort Γ 15h aujourd'hui!
Cette fois, c'est @fluxius.bsky.social qui nous racconte.
N'hΓ©sitez pas Γ liker, commenter, partager, c'est bon pour le rΓ©fΓ©rencement!
Youtube: www.youtube.com/watch?v=3J7T...
Spotify: open.spotify.com/show/6hrcsJT...
π¨βπ Reloading a 10y old tool for z-Wave (plus) hacking... And alarm fuzzing
π Stay tuned
See you in November for a fresh new @hardwear_io program still featuring #SDR Software-Defined Radio techniques on industrial systems ππ€, tracking systems and drone π and these techniques will also apply to others topics when long range communications are involved π―
π
hardwear.io/netherlands-...
Root Shell on Credit Card Terminal: stefan-gloor.ch/yomani-hack via Marcel Rick-Cen
