LogicalDOC is a DMS (Document Management System) available either in a community (and free) edition, or in a professional (and expensive) version. This type of product is normally used to share and access documents from « everywhere », as they say on their website: « Your documents – Always accessible, from anywhere, at […]

[0day] LogicalDOC – from guest to root



We wrote an article about Needle, a tool for auditing the security of iOS applications, which was published in the May/June 2017 issue of MISC magazine. We opted for a CC license in order to make the article available to everyone once the copyright expired. It is now […]

[Publication] Auditing iOS applications with Needle



Do you know TheHive and Cortex? TheHive is a free and open-source security incident response platform which relies on Cortex to analyze observables (IP, email addresses, domain names, etc.). Thanks to TheHive Project we had the chance to pentest this software a few weeks ago. TheHive team has decided to jointly publish […]

TheHive pentest



Bull/IBM Clusterwatch/Watchware is a VERY VERY OLD tool used by sysadmins to manage their AIX clusters. Marble effect in the web banner and questionable font: it smells of the 90s! The tool is mainly a web app with CGIs (shell scripts and binaries) and we have found three vulnerabilities in it: […]

[0day] Bull/IBM AIX Clusterwatch/Watchware vulnerabilities