I am a Offensive Security Expert at CNAM, one of the 5 head organizations of the French social security system
I do Offensive Security and some Forensic and I 💜 learning about malware.
- 2018 - OSCP by Offensive Security Badge here!
- 2022 - The Advanced Malware Analysis Course (Zero2Automated) by 0ffset Training Solutions Cert here!
- 2019 - Blackhoodie - Malware Reverse 101 @HITB
- 2020 - Autopsy Basics and Hands-On training
- 2021 - RED TEAM Operator: Malware Development Essentials Course (Sektor7)
- 2021 - RED TEAM Operator: Malware Development Intermediate Course (Sektor7)
- 2021 - RED TEAM Operator: Windows Evasion Course (Sektor7)
2021 -> today - Offensive Security Expert at CNAM
- Web penetration testing of internal and public applications
- Internal penetration testing
- Active Directory assessment
- Endpoint Detection & Response (EDR) and Anti-Virus assessment
- Development of offensive and analysis tools: FoxTerrier, Import Address Table Unhooking
2019 -> 2021 - Cybersecurity consultant at XMCO (Paris, France)
- Web penetration testing (black box/grey box)
- Internal penetration testing (Active Directory environment)
- Mobile application penetration testing (Android/iOS)
- PCI DSS certification penetration testing
- Member of the incident response team (forensic)
- Malware reverse for the R&D team
- Configuration audit (GNU/Linux).
2018 -> 2019 - Cybersecurity consultant at Oppida (Montigny-le-Bretonneux, France)
During my mission at Oppida, I carried out several types of missions. The first kind was to conduct penetration testing on various web applications. The second type was to audit products in order to present the results to a French government agency (ANSSI), so that they can decide whether or not the product should get an accreditation (CSPN).
2015 -> 2018 - Trainee system and network adminstrator at Easter-Eggs (Paris, France)
I was an apprentice in system and network administration at Easter-Eggs during my bachelor and my master’s degree.
Besides tickets handling and customer relations, I conducted some personal personal missions such as: coding a spamtrap (and packaging it), conducting a security audit of the internal infrastructure, and setting up an audit server as well as its associated subroutines (vulnerability scan via OpenVAS, Nmap scans, antivirus scans and rootkit detection, etc).
I also installed, configured and deployed VoIP; installed, configured and deployed gateways (on Debian) and configured firewalls using ferm.
Moreover I deployed a centralized password manager (passbolt) for internal use and took care of user training. Finally I coded an Icinga plugin that checks SSL/TLS configurations throughout the whole IT infrastructure to raise warnings if customers do not abide by best security practices.
2014 -> 2015 - Trainee system and network administrator at Alstom (Paris, France)
During the course of my apprenticeship, I carried out several missions of system administration.
The first one was to set up and configure a CentOS server. The second main one was to deploy a Redmine, in order to ease the team’s coordination.
Moreover I was in charge of the new security policy enforcement. This policy made a complete overhaul of access control on file servers.
2007 -> 2009 - Baker
Professional baker at “Un jour, une flûte” and “Le quartier du Pain” in Paris, France
2018 - Master’s degree in InfoSec at Université Paris 6 (Paris, France)
I completed my Master’s degree in apprenticeship at Easter-Eggs.
Some of the subjects I studied: forensic, Linux kernel, pentest, Android/iOS/IOT security, malware analysis, Code security (buffer overflow) along with some python and C programming.
2016 - Bachelor’s degree in InfoSec at ESGI (Paris, France)
I completed this degree in apprenticeship at Alstom.
Here I some of the subjects I studied: network and wi-fi security, cryptography and PKI, hardening Linux, security and physical intrusion, creating a ransomware.
2015 - DUT (University Diploma in Technology) in Computer Science at IUT Paris 5 (Paris, France)
I studied programming (web, software, system) and system administration.
2011 - DAEU B (Equivalence diploma leading to admission to universities) at Université Paris 6 (Paris, France)
2008 - CAP (Certificate of Professional) in Baking at École Grégoire-Ferrandi
I studied baking for 2 years while training at “À la Douce Tradition” under François Richier (Athis-Mons, France) before being a baker for 2 years.