About me

12+ years in offensive security, specializing in Red Teaming, from physical intrusion to application security. I uncover vulnerabilities, simulate real-world attacks, and help organizations strengthen their defenses. Skilled in pentesting, code audits, AD assessments, and physical access audits, with a track record of CVE discoveries. Passionate about pushing the limits of security.

Things I'm good at

  • Pentesting and Red Teaming
  • Opensource Technologies
  • Application Security

Published CVEs

3
CVE-2019-11816 - Pfsense / OPNsense
CVE-2023-33228 - SolarWinds
CVE-2024-22244 - Harbor

More skills

01 General skills
  • Red Teaming
  • Web application pentesting
  • Code audits
  • AD pentesting
  • Mobile applications pentesting
  • Forensics and investigation
  • Physical access audits (RFID / locks)
  • System administration
  • Network administration
  • DevOps
  • Secure development champion (OWASP)
  • Project management
  • Pre-sales
02 Languages | Technologies
Linux | Windows
GCP | AWS | Azure
Dev Python | Golang
Audit Java | PHP | C# | Ruby
Openvas | Nexpose | Acunetix | Nessus
KVM | Proxmox | VMWare ESXi
Docker | Kubernetes
Postgres | MySQL | MongoDB
Icinga2 | Prometheus | Grafana
OPNSense | pfSense | Cisco Meraki

Volunteer work

2018 - Today
Member of the strategy and operating team
4water International - Water and sanitation related charity.
2018 - Today
Dance teacher - Co-President
Salsa4Water Lyon - Water and sanitation related charity.
2017 - Today
Dance teacher
Salsa4Water Lyon - Water and sanitation related charity.

Languages

  • French Mother tongue
  • English Fluent
  • German B2 level

Education

2011 -2014
Master Of Science (M.Sc), Computing. R&D specialization
INSA de Lyon (France).
2009 - 2011
Scientific undergraduate courses
INSA de Lyon (France).
2008 - 2009
Scientific Baccalauréat with highest honors
Institution Sainte Marie, Belfort (France).

Certifications and completed trainings

7
SANS / GPEN
Offensive Security / OSCP / OSWE / OWSP
AT Security / Physical intrusion techniques
ANSSI - PASSI - Penetration testing / Code audit / Audit manager (Expired in 2021)
Basis Technology / Autopsy Basics and Hands On

Experience

2023 - Today
Freelance Cybersecurity expert
CryptID, Lyon.
2021 - 2023 | 2 years
Infosec engineer
LumApps, Lyon.
2020 - 2021 | 5 months
Red Team operator | Contractor (Advens)
BPCE-IT, Lyon.
2016 - 2021 | 5 years
Lead pentester | Security Consultant
Advens, Lyon, France.
2014 - 2016 | 2 years
Pentester | Security Consultant
Certilience, Lyon, France.
2014 | 6 months | Internship
Software conception and development, 3D visualization
The CoSMo Company, Lyon, France.
2013 | 4 months | Internship
Web development | R&D project
Performance Engineering Lab., University College Dublin, Ireland.
2012 | 3 months | Internship
Scientific computing and parallel programming (C/C++)
Areva NP, Lyon, France.

Hobbies

Jazz Piano
Mountain sports
Reading
Latin dances
Traveling
Paragliding
Climbing
Foreign cultures

Design by Fernando Baez. Coding & Implementation by GRAV team.