With the release of Android Nougat, Google introduced restriction about native libraries that can be loaded from an Android …

When analyzing executable, the first layer of information is the format in which the executable is wrapped. It turns out that a lot of …

When analyzing executable, the first layer of information is the format in which the executable is wrapped. It turns out that a lot of …

The first part of the talk is going to be an introduction to the Triton framework to expose its components and to explain how they work …

At this presentation we will talk about how a DBA (Dynamic Binary Analysis) may help a reverse engineer to reverse obfuscated code. We …

Binary obfuscation is used to protect software’s intellectual property. There exist different kinds of obfucation but roughly, it …


Internal structures of OAT format

Internal structures of VDEX format

On how we used LIEF to lift an Android x86_64 library to Linux to perform our usual white-box attacks on it.

This post explains how to use Frida gadget on a non-rooted device.

This post explains how to use LIEF to transform an ELF executable into a library

This blog post introduces new features of LIEF as well as some uses cases.

We are open-sourcing LIEF, a library to parse and manipulate ELF, PE and Mach-O binary formats. This blog post explains the purpose of …

Write up

Write up

This blog post introduce code coverage with Triton



Python binding for JADX decompiler

C++/Python library to handle Android Manifest

Android dumplog enables to filter logs based on package name and

LIEF is a Library to Instrument Executable Formats

Work Experience

September 2016 – Present

Security Researcher


My research topics are mostly:

  • Code obfuscation
  • Reverse engineering
  • Android
  • Software protections (Packing…)

Android Trainer

The given training aims to provide keys to analyze Android applications as well as their interactions with the system.

This training covers the following topics:

  • Malware analysis
  • Android Runtime and file formats (DEX, ART, OAT, ODEX, VDEX, ELF)
  • IPC and Binder
  • Boot process
  • Securities (dm-verity, SELinux, …)
  • Protections (Obfuscation, packer, anti-debug, …)

Badge - Introduction to executable formats

This one day course is an introduction to executable formats in order to be more efficient when reverse engineering.

The course is focus on PE and ELF formats.

January 2016 – August 2016



This internship was about development of LIEF: A library to parse and modify executable file formats. The project has been open-sourced few years later.

During this intern, I also developed an Android packer to protect native libraries.

Report (French)

April 2015 – July 2015



During this internship, I worked on Epona: An obfuscator based on LLVM developed by Quarkslab

  • LLVM compiler infrastructure.
  • Development of a code coverage tool based on Triton
  • Studying of graph flattening obfuscation with Triton
July 2014 – August 2014



This internship was about JTAG, and more precisely, how to discover JTAG ports on embedded system (Routers, 4G Internet key, …)

  • Development of a JTAG testing tool
  • Use of Bus Blaster and JTAGulator with the openOCD library.
August 2013 – November 2013



I developed the company’s website by using Model–view–controller architecture.

  • PHP5
  • MySQL
  • JQuery