HDW Sec in a few words

We are a French company specialized in offensive and defensive computer security. Building on the solid experience of its two founders and its team, HDW Sec uses its expertise to help governments and companies. In order to do this in the best possible way our team offers a set of services that will allow us to answer to your security related challenges.

Our skills



Penetration tests




Our services

Our services are modular and tailored to each client. Do not hesitate to contact us for more information.

Security audits

We audit your network and software in order to help you detect and fix vulnerabilities before they are used to harm you.

Social engineering

We test the security reflexes of your employees by mixing traditional hacking techniques and social engineering (email, phone calls, in-person approach, etc.) .


We help you to manage the security aspect of your projects.


We train and raise awareness of your teams about computer security in all of its aspects (technical et practical).

Research and development

We develop custom-made software to fit your unique needs and help you explore the technology-based solutions of tomorrow.

0-Day vulnerabilities

We allow you to access tomorrow's vulns today . Put your security to the test by trying unknown attacks on your systems and raise your security by detecting those threats.

Founding members

Jean-Jamil KHALIFE
  • Graduated from UTBM
  • Computer security expert
  • Work in sensitive environment since 2009
  • Expertise :
    • Windows/Linux security
    • Vulnerability research & exploit development
    • Pentesting
    • Security tools development
    • Reverse engineering
  • Graduated from EPITA
  • Computer security expert
  • Work in sensitive environment since 2010
  • Expertise :
    • Mac/Linux security
    • System development
    • Pentesting
    • Security tools development
    • Networks security

Latest news in our blog


Netskope Client Service Local Privilege Escalation

Jean-Jamil Khalife 2023/06/22 reverse / 0day

The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. A vulnerability can be exploited by local users to execute code with NT\SYSTEM privileges on the end machine.

Read More


Jean-Jamil Khalife 2023/02/07 IoT / reverse / 0day

A global memory corruption vulnerability exists in the upnpd server. A specially-crafted SUBSCRIBE request can lead to a stack buffer overflow. An attacker can send a malicious request to trigger this vulnerability and modify the execution flow to an arbitrary address somewhere in the memory of the upnpd process. This vulnerability can be exploited from the WAN or LAN.

Read More

NETGEAR Nighthawk aws_json Pre-authentication Double Stack Overflow

Jean-Jamil Khalife 2022/11/10 IoT / reverse / 0day

Pre-auth remote code execution vulnerability found in the NETGEAR Nighthawk r7000p on the WAN interface. Nighthawk R7000P is a popular dual-bank WiFi router advertised with gaming-focused features, smart parental controls, and internal hardware that is sufficiently powerful to accommodate the needs of home power users..

Read More

Local Skype security flaw

Jean-Jamil Khalife 2020/06/08 0day / Logic bug

Recently, some vulnerabilities have been discovered in the "zoom" application, including one allowing code injection, giving malware the possibility of having access to the camera and the microphone. (1) Microsoft Skype (macOS version) suffers from the same type of vulnerability.

Read More

Applied high-speed in-process fuzzing: the case of Foxit Reader

Jean-Jamil Khalife 2016/12/08 reverse / 0day

Fuzzing has now become commonplace, especially since the release of AFL. As performance is key, we'd like to optimize our fuzzing methods to maximize the number of bugs found during a given period of time.

Read More

[MS15-010 / CVE-2015-0057] Exploitation

Jean-Jamil Khalife 2015/12/17 reverse / 0day

At the beginning of 2015 Udi Yavo [1] found a Windows kernel vulnerability that can be exploited from Windows XP up to Windows 10 (preview). The vulnerability is a kernel use-after-free, which allows getting a non-arbitrary write primitive and then corrupts an adjacent object.

Read More

[CVE-2014-0322] "Snowman" exploit

Jean-Jamil Khalife 2014/03/31 reverse / 0day

Last month, FireEye identified a 0-day exploit (now identified as CVE-2014-0322), the code was targeting American military personnel according to the news. This attack was named « Operation Snowman ».

Read More

MuPdf - 0day RCE

Jean-Jamil Khalife 2013/01/26 reverse / 0day

I was recently looking for an opensource cpp lightweight PDF and XPS viewer to play with and I found MuPDF. Here is how I discovered a remote code execution when a user opens a malicious XPS document.

Read More

Call us

+33 (0) 970 463 030

Email us

Our PGP key

Our address

178 Boulevard Haussmann
75008 Paris , FRANCE