Pedagogy & writing
With a strong attraction for teaching and knowledge sharing, I give particular importance to the editorial quality of deliverables, to restitution speeches (managerial / technical) and to popularization / awareness through illustration.
Development / Scripting
Bash, Powershell, Python, PHP, Ruby, Go, Java, C/C++… with very good bases in many languages, I adapt in a versatile way to various developments for the realization of source code audits and the search for vulnerabilities.
Identity & Access Management
My experiences led me to deploy, manipulate, compare and audit security software solutions such as PingIdentity, ForgeRock, Apereo, PWM, Prim’X, Brainwave, LDAP, Symantec, ILEX, OIM, Wallix, O365, GSuite, etc. . allowing me to provide advice to clients.
I carry out the deployment, analysis and audit of network security protocols: IPSec (ISAKMP, IKEv1, IKEv2, AH, ESP), SSL (v2, v3), TLS (v1.0, v1.1, v1.2, 1.3) , SSH, OAuth, OpenID, OpenID Connect, SAML (1.0, 1.1, 2.0), WS-*, etc. within various network topologies and software.
Cryptology (Crypto / Crypta)
Development of tools, audit-statistics of secrets (passwords, credentials, key pairs) and training-awareness in symmetric cryptography / asymmetric / hashing. I am passionate about offensive cryptanalysis / cracking and password statistics.
Web vulnerabilities / OWASP
Working as a pentester and bughunter, I have excellent knowledge while keeping myself up to date (challenges / CTFs) to continuously improve my offensive skills against web technologies.