HDW Sec in a few words

We are a French company specialized in offensive and defensive computer security. Building on the solid experience of its two founders and its team, HDW Sec uses its expertise to help governments and companies. In order to do this in the best possible way our team offers a set of services that will allow us to answer to your security related challenges.

Our skills

Security

Development

Penetration tests

Training

Research

0-days

Our services

Our services are modular and tailored to each client. Do not hesitate to contact us for more information.

Security audits

We audit your network and software in order to help you detect and fix vulnerabilities before they are used to harm you.

Social engineering

We test the security reflexes of your employees by mixing traditional hacking techniques and social engineering (email, phone calls, in-person approach, etc.) .

Consulting

We help you to manage the security aspect of your projects.

Training/Conferences

We train and raise awareness of your teams about computer security in all of its aspects (technical et practical).

Research and development

We develop custom-made software to fit your unique needs and help you explore the technology-based solutions of tomorrow.

0-Day vulnerabilities

We allow you to access tomorrow's vulns today . Put your security to the test by trying unknown attacks on your systems and raise your security by detecting those threats.

Founding members

img
Jean-Jamil KHALIFE
Co-founder
  • Graduated from UTBM
  • Computer security expert
  • Work in sensitive environment since 2009
  • Expertise :
    • Windows/Linux security
    • System development
    • Pentesting
    • Security tools development
    • Reverse engineering
img
Pierre DUTEIL
Co-founder
  • Graduated from EPITA
  • Computer security expert
  • Work in sensitive environment since 2010
  • Expertise :
    • Mac/Linux security
    • System development
    • Pentesting
    • Security tools development
    • Networks security

Latest news in our blog

img

Applied high-speed in-process fuzzing: the case of Foxit Reader

Jean-Jamil Khalife 2016/12/08 reverse / 0day

Fuzzing has now become commonplace, especially since the release of AFL. As performance is key, we'd like to optimize our fuzzing methods to maximize the number of bugs found during a given period of time.

Read More
img

[MS15-010 / CVE-2015-0057] Exploitation

Jean-Jamil Khalife 2015/12/17 reverse / 0day

At the beginning of 2015 Udi Yavo [1] found a Windows kernel vulnerability that can be exploited from Windows XP up to Windows 10 (preview). The vulnerability is a kernel use-after-free, which allows getting a non-arbitrary write primitive and then corrupts an adjacent object.

Read More
img

[CVE-2014-0322] "Snowman" exploit

Jean-Jamil Khalife 2014/03/31 reverse / 0day

Last month, FireEye identified a 0-day exploit (now identified as CVE-2014-0322), the code was targeting American military personnel according to the news. This attack was named « Operation Snowman ».

Read More
img

MuPdf - 0day RCE

Jean-Jamil Khalife 2013/01/26 reverse / 0day

I was recently looking for an opensource cpp lightweight PDF and XPS viewer to play with and I found MuPDF. Here is how I discovered a remote code execution when a user opens a malicious XPS document.

Read More

Call us

+33 (0) 970 463 030

Email us

contact@hdwsec.fr
Our PGP key

Our address

178 Boulevard Haussmann
75008 Paris , FRANCE