Security Engineer

Quarkslab

Biography

Security Engineer at Quarkslab.

Working on the development of new tools to assist security researchers, I’m also interested in Android, (de)obfuscation and software protections.

Author of LIEF

Interests

  • Reverse engineering
  • Android applications & internals
  • Executable file formats
  • Mathematics

Education

  • Engineering degree, 2016

    ESIEE Paris

  • Bachelor’s degree, Computer Science, 2015

    École Polytechnique de Montréal

  • Baccalauréat, 2011

    Lycée Maurice Ravel

Gallery

QList

QList object layout from Qt 5.11.2

QString

QString object layout from Qt 5.11.2

Projects

Tencent Legu Unpacker

Scripts to unpack Android applications protected by Tencent Legu

Android Runtime Restrictions Bypass (PoC)

Android application that disables Android restrictions without root privileges

LIEF

LIEF is a Library to Instrument Executable Formats

Work Experience

 
 
 
 
 

Security Engineer

QuarksLab

September 2016 – Present Paris

I mostly work on the following topics:

  • Code obfuscation
  • Reverse engineering
  • Android
  • Software protections
  • Tools development (LIEF, QBDI, …)

Android Trainer

The training aims to provide keys to analyze Android applications as well as their interactions with the system.

This training covers the following topics:

  • Malware analysis
  • Android Runtime and file formats (DEX, ART, OAT, ODEX, VDEX, ELF)
  • IPC and Binder
  • Boot process
  • Securities (dm-verity, SELinux, …)
  • Protections (Obfuscation, packer, anti-debug, …)

The complete syllabus is available here: https://quarkslab.com/android-applications/


Badge - Introduction to executable formats

This one day course is an introduction to executable formats in order to be more efficient when reverse engineering.

The course is focused on the PE and ELF formats.

 
 
 
 
 

Intern

QuarksLab

January 2016 – August 2016 Paris

This internship were about the development of LIEF: A library to parse and modify executable file formats. The project has been open-sourced few years later.

During this intern, I also developed an Android packer to protect native libraries.

Report (French)

 
 
 
 
 

Intern

QuarksLab

April 2015 – July 2015 Paris

During this internship, I worked on Epona: An obfuscator based on LLVM developed by Quarkslab

  • LLVM compiler infrastructure.
  • Development of a code coverage tool based on Triton
  • Studying of graph flattening obfuscation with Triton
 
 
 
 
 

Intern

QuarksLab

July 2014 – August 2014 Paris

This internship was about JTAG, and more precisely, how to discover JTAG ports on embedded systems (routers, 4G Internet key, …)

  • Development of a JTAG testing tool
  • Use of Bus Blaster and JTAGulator with the openOCD library.

Contact

GPG: EF86C95E - pgp.key-server.io

Fingerprint: 15E3 4637 48FE 6F81 D8EE B0CE 1CD1 ECED EF86 C95E