Pour la 4e année consécutive, Sysdream était présent à la DEFCON. Encore une belle édition pour un des évènements les plus incontournables de notre secteur d’activité.

Antidote, a spell checker program for Windows, Linux and macOS operating systems, has been affected by a remote code execution against the update component.

We found a Cross-site scripting (XSS) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.

We found a SQL injection (SQLi) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.

We found a Remote Code Execution (RCE) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.

Several vulnerabilities have been discovered in domains recently acquired by Google between 2017, April and 2017, September.

The reported vulnerabilities are related to the following domains: withgoogle.com and kaggle.com.

The flaws are of the following kinds: broken access control, directory traversal and XSS vulnerabilities.

Cet article introduit le sujet de l'exploitation de vulnérabilités dans la gestion de la mémoire basée sur le tas.

Le round de qualifications pour le CTF privé de la Nuit du Hack, organisé par Sysdream, se déroulera entre le 30 mars 2018 à 23h59 (11:59PM CEST, UTC+0200) et le 31 mars 2018 23h59 (11:59PM CEST, UTC+0200).

We found and reported some XSS vulnerabilities in Grav CMS, a markdown based content management platform.

The Hershell project is a Go source code that is able to generate a reverse shell payload that is cross-platform and able to integrate with the Metasploit framework, among several other features like low detection rate with antivirus and TLS encryption.