Sébastien Dudek 📡

AirSnitch: Breaking Wi-Fi Client Isolation: Technique Index, Tool Usage & Defenses This morning I came across another interesting paper submitted at the NDSS Symposium 2026 like the BLERP paper already documented in this forum, but this time challenging the Wi-Fi client isolation th...

Think your guest Wi-Fi is isolated from your main network? Think again.
AirSnitch (NDSS'26) breaks client isolation on every router tested: from home APs to enterprise WPA2/3-Enterprise. Full MitM in seconds, sometimes leaking WPA2 traffic in plaintext: 🔗 community.penthertz.com/t/airsnitch-...

3D hardware simulation tool on you browser (with leds only for now) People are a little afraid Arduino would be a dead end project since it was purchased by Qualcomm it seems (your code belongs to them, no reverse engineering allowed, data collection, etc.). So basica...

🔌 Want to teach kids electronics basics without buying hardware first? Check out this 3D hardware simulator right in your browser: community.penthertz.com/t/3d-hardwar...
Drop components on a protoboard, write Arduino code, and watch LEDs blink. No soldering iron needed 😄
Parts are still limited

BLERP: BLE Re-Pairing Attacks and Defenses Introduction Last week Daniele Antonioli posted an interesting paper and tooling (two nRF52840 boards, custom NimBLE btshell + Scapy-based Python Host for the double-channel MitM), he did with Tommaso...

Something new in our community and that deserves more attention: Breakdown of BLERP, the BLE re-pairing attacks by
Daniele Antonioli
& Sacchetti (NDSS 2026). TL;DR: the BLE standard doesn't authenticate re-pairing.
Paper + PoC indexed there:
community.penthertz.com/t/blerp-ble-...

[CVE-2026-0714] TPM-sniffing LUKS Keys on an Embedded Device Interesting blog post following the problem found on BitLocker but this time on a Linux device using the TPM: [CVE-2026-0714] TPM-sniffing LUKS Keys on an Embedded Device Here is a good example, that...

🔓 Great discussion on our community around CVE-2026-0714: TPM-sniffing LUKS keys on an embedded device via SPI bus. First documented attack using TPM2_NV_Read instead of Unseal. Join the thread 👇
community.penthertz.com/t/cve-2026-0...

PCB Tracer for reverse engineering and Troubleshooting & Repair Something to try on: https://pcbtracer.com/ It is possible to draw the pins, power, components other a high quality picture, but there is also an AI function that could be interesting to find comp...

A neat tool for PCB reverse engineering & troubleshooting: PCB Tracer! (Draw pins, power lines, components over high-res photos - plus an AI mode to auto-detect components) Also listed some open-source alternatives 👇
community.penthertz.com/t/pcb-tracer...

POV: you demo a vulnerability on stage in 2019, release a full exploitation tool (V2GInjector), present it at conferences and then get silent for some years...

...and in 2025 it finally gets a CVE because someone else reported it to CISA 💀

At least they credited us. Thanks CISA 🤝

#CVE-2025-12357

🚀 RF Swift images v0.1.3 out! Updated Ghidra, ImHex, RF tools + new libhydrasdr v1.1.0 for HydraSDR RFOne and our special SDR++ package & more! rfswift.io

🦭 RF Swift now supports #Podman! Run your RF security lab rootless/rootful & daemonless. Auto-detects Docker or Podman at runtime. v1.0.0 "Skywave" 📡🔓
rfswift.io

📖 Annnnd new docs! rfswift realtime command explained
Speed-up your I/O streams and kill #SDR buffer underruns ⚡
🔗 rfswift.io/docs/commands/realtime/

🚀 RF Swift v0.7.1!
New "--realtime" mode and associated features ⚡ Killing SDR buffer underruns!
rfswift run -i <image> -n sdr --realtime
📡 rfswift.io
#SDR #HamRadio #RF #pentesting #realtime

⚡ RF Swift v0.7.0 dropped!
🆕 Image versioning support is finally here 🏷️
No more version chaos - track your container images like a pro 📻🔧
👉 rfswift.io
#SDR #RFSecurity #OpenSource #SDR #hacking

📡 CVE-2025-36911: Fast Pair accepts KBP requests outside pairing mode. Full Python exploit + demo with RF Swift (rfswift.io) 🎬 Re-adapted for CLI

github.com/PentHertz/CV...

🚀 RF Swift: Deploy, run, repeat! Stop wasting time on SDR setup and start hacking. Your RF toolkit, ready in seconds ⚡📡 rfswift.io

🔌 Did you know? RF Swift can run totally disconnected! Perfect for classified environments 🔒 rfswift.io/docs/air-gap... 🚀
#RF #Hacking #pentest #lab #disconnected #air-gapped #classified

🤯🎊 RF Swift v0.6.5-rc4 is HERE!

🔥 Dynamic container management
📹 Session recording
⚙️ Live bindings/caps/cgroups/ports
🐳 Container upgrade system

PLUS: Complete docs for ALL commands! 📖

🌐 rfswift.io
📚 rfswift.io/docs/commands/

🚀🎉 #RFSwift #SDR #Radio #Hacking #pentest #ham #pro

🎄 Merry Christmas from Team Penthertz! Wishing you joy, security & a happy 2026! 🔐✨🎁

🎄 Merry Christmas from Team Penthertz! Wishing you joy, security & a happy 2026! 🔐✨🎁

🎄✨ Merry Christmas & Happy New Hacking Year 2026! ✨🎄
As we wrap up 2025, we want to extend our heartfelt thanks to all our amazing customers and partners! 🙏
What an incredible year it's been at Penthertz! 🚀 From drones 🛸 and medical devices 🏥 to transport systems 🚇🚆, 5G networks 📡, and SDR

⚡️ RF Swift just got an EPIC with an update! ⚡️

200+ tools. 19 specialized images. 3 architectures. ONE toolkit.

🔬 Reverse Engineering
📡 SDR & GNU Radio
📱 Wireless Security
🚗 Automotive Hacking
📞 Telecom (2G-5G)
🔧 Hardware Security

Docs: rfswift.io

⚠️ Connected alarms hacked live on French TV! Our TF1 news demo from 10 days ago 🔓
www.tf1.fr/tf1/jt-20h/v...

🔓 Votre alarme connectée est-elle vraiment sûre ? On démontre cela au JT TF1 (il y a 10j) ⚠️
www.tf1.fr/tf1/jt-20h/v...

🎅🎁 Ho ho ho #Telco📡! 5GC Pentest Burp Suite ext under the tree! 🔐🎄 github.com/PentHertz/5G... ✨🎉🚀 #5GSecurity

Testing a new discreet setup for some engagements powered by rfswift.io

🚀 JUST DROPPED: Z-Attack-NG!
Next-gen Z-Wave hacking framework with FULL S2 decryption support!
🔐 Decrypt AES-CCM encryption
⚡ Real-time packet sniffing
🎨 Modern ImGui interface

Get it now 👉 github.com/PentHertz/Z-...

YouTube video by CyberpunkCompany [LONG INT*] Fluxius pirate la planète (Cybersec, HF, et britney spears)

Le tout dernier épisode de LONG INT * sort à 15h aujourd'hui!
Cette fois, c'est @fluxius.bsky.social qui nous racconte.

N'hésitez pas à liker, commenter, partager, c'est bon pour le référencement!

Youtube: www.youtube.com/watch?v=3J7T...
Spotify: open.spotify.com/show/6hrcsJT...

👨‍🏭 Reloading a 10y old tool for z-Wave (plus) hacking... And alarm fuzzing
👉 Stay tuned

See you in November for a fresh new @hardwear_io program still featuring #SDR Software-Defined Radio techniques on industrial systems 🏭🤖, tracking systems and drone 🚁 and these techniques will also apply to others topics when long range communications are involved 🎯
👇
hardwear.io/netherlands-...

Root Shell on Credit Card Terminal: stefan-gloor.ch/yomani-hack via Marcel Rick-Cen

🎉 Great being part of PraSec in Prague for the 3rd time! Amazing community
👥 Shared RF Swift presentation on rapid RF analysis
📡 Slides: penthertz.com/publications/
#PraSec #RF #Security

YouTube video by robotbids Humanoid Robot Attacks Handlers – Is This Our Future?

👾 "Kill all humans!!" 🤖🔪
👉 When a robot wakes up!
youtu.be/aBS2afzDqjM?...