photo
Immortal-PC
- Professional page

Last update: 14 October 2015

Toogle open/close all

PROFESSIONAL EXPERIENCE

Work
05 Jan. 15 - NowWorking at ON-X Security as Pentest.
I worked in the following areas:
	- Aerospace
	- Banking
	- Research Center

I have performed many auditing in different environment:
	- Web (WebSphere, Python, PHP, Apache, Tomcat, SharePoint)
	- Java client (rim, t3)
	- Mobile (Android, Microsoft surface pro)
	- Client and server in C with their own network protocol

I also did malware analysis written in the following languages:
	- VBA
	- C#
	- C

I also developed various internal software in different languages:
	- VBA (Excel and Word scripting),
	- C# (development for fiddler and malware analysis),
	- JavaScript (development for fiddler and PoC with NodeJS),
	- Python (proxy and IP packet modification with Scapy)

10 Mar. 14 - 01 Aug. 14Placement in Linagora: Pentest, network security and CodeInsight (nmap, nessus, snort).
01 Jun. 13 - 01 Sept. 13Placement in a Startup. ( Lead Developer )
01 Avr. 13 - 20 May. 13Working on my [GSOC] Boost proposal
01 Jan. 12 - 01 Sept. 12Placement in a Startup. ( Lead Developer )
09 May 11 - 29 July 11Placement in INSA ( Lyon )
June 2010Host a summer camp for blind children.
2005 - 2009Creation of websites Beauvoir de Marc ; ALTFER and ASTER ( CLOSED )
2000 - 2010Computer Troubleshooter

Achievements
Linux driver, IO Card: 2014, Linux Kernel, Driver, PCI, C, Doxygen, Hardware
GitHub Hacking: 2013, Git, Python, Doxygen, Markdown, Hacking
Crypto Calculator: 2014, Git, Doxygen, ReStructuredText, Qt, C++, Cryptographic algorithm (MD5, AES, Salsa20, ...)
Private Startup: 2011-2013, HTML5, CSS3, Javascript, jQuery, jQuery UI, Java Applet, C++, Qt, MongoDB, SQL
Bomberman: 2011, Game, C++, SDL, SDL gfx, SDL ttf, template, network/socket (17 000 lines)
Rootkit: 2012, Rootkit, C, Win32 API, Kernel, SSDT, IRP, DKOM
QConsole: 2011, Begin of terminal for Windows/UNIX - Qt, C++, OOP
Website timestamp: 2013, School work, openSSL, SSL server, Making an CA, openSSL horostamp, OTP, Python, PKI
IA algorithm: 2013, Ant colony optimization algorithms, Genetic algorithm, Python, PyGame
IA Ants: 2013, Ant colony optimization algorithms, Java 7, Swing, IA, A*, BestFirst, Doxygen
Android RSS App: 2013, Java, Android SDK (16)
L2TPv3 tunnel: 2013, (L2TPv3 tunnel secured by IPsec) VMWare, L2TPv3, IPSec, GRE, lxc
IPv6 ⇔ IPv4 for TCP: 2013, IPv6, TCP, Python, lxc, VMWare
SMTP Class: 2008, PHP, OOP, SMTP
PHP Mailing List: 2006, PHP, MySQL, TinyMCE, SMTP
Eguida: 2001, some PHP

More informations at bitbucket.org/ImmortalPC, bitbucket.org/DevsOfLegend and at https://github.com/ImmortalPC/

STUDY

Moving
Driving licence (Fr - France)
Study
- Homeschooling until University. (I went in england twice for HESFES)
- Bachelor's degree of computer science (UFR Mathématique informatique de Lyon) - 2012
- Algorithms ( B-Tree, red black, ... )
- C, C++
- Maths: algebra, analysis
- Boolean algebra
- Scheme
- DataBase: MySQL, Oracle (PL/SQL)
- Web: PHP, HTML, CSS
- Hardware and Software Architecture
- Unix introduction
- OpenGL
- Design and development of applications. ( I have made a game (Bomberman) in SDL/nCurse in 17000 lines (C++, template, socket, svn, doxygen) )
- Network (Cisco router)
- Socket
- Thread/Fork
- Theory of Formal Languages
- Java
- UML
- Optimization

More information on UCBL
- Master (Two years of university study in Computer Security) at CRYPTIS
- IPTables
- Python (Scapy)
- OpenMP and Cuda
- JEE, Maven, jUnit
- Network: DHCP, ARP, DNS, ICMP, ICMPv6, IPv6, IPv4, TCP, UDP, SMTP, HTTP, NAT, VLAN, L2TPv3, OSPF, RIP, BGP, AS, DNAT, SNAT, QoS (qDisc)
- Artificial Intelligence
- Cryptology: SHA1, DES, 3DES, RSA, AES, OpenSSL
- DataBase security
- Android
- Unit tests
- J2EE: JDBC, JPA (Hibernate), JTA
- Hacking: Reverse-Engineering (C x86), Exploit (integer overflow, buffer overflow), Rootkits, HoneyPot, Pentest (SQLi, XSS, CSRF, RFI)
- Mobile AD HOC networks with Raspberry Pi
More information on CRYPTIS
Languages
French: native language
English: good comprehension and expression
Italian: beginer
German: not worked since 2008...
Target
Pursuing a PhD in computer security.

PROGRAMMING LANGUAGES

Web
JavaScript, Ajax, CSS3, HTML5, XHTML, DHTML, PHP
DataBase
MySQL/MariaDB, Access (base), Oracle (PL/SQL), SQL3 (Oracle: SQL Object POO), CouchBase, MongoDB
Scripting
Python, Bash (sh), Ms Dos, QBasic, AutoIt v3, Scheme (/LISP), VBA (Excel & Word)
JVM
Java (EE, SE, ME, Android), Java Applet, JSP, Hibernate, Spring MVC, JUnit
SmartPhone
Android
Complier
C, C++ (gcc, g++, clang), C++11, ASMx86 (base / reverse), C# (CSC)
Library
Win32 API (base), Qt, Qxt, Ncurses, SDL/PyGame, SDL gfx, SDL ttf, OpenGL, Boost, Boost MPI, pThread, Ogre3D, OpenMP, Cuda, GMP
AmazonS3, DropBox, jQuery, jQuery UI, TinyMCE,
Junit, Spring MVC, Hibernate
Scapy
Documentation
UML, Doxygen, ReStructuredText, Markdown
Other
My code is oriented towards speed, stability and security. My code is increasingly well documented with Doxygen.

COMPUTING SKILLS

Operating Systems
MsDos, Windows 3.11 / 95 / 98 / XP / Vista / 7, Ubuntu 7.10/..., Mint, SliTaz, Debian, BackTrack4, Kali, Manjaro, Android
Softwares
Reverse engineering: W32dasm, OllyDbg1.10, IDA, justDecompiler(C#), JAD (Java Decompiler),
Pentest: Cheat Engine, WPE Pro (Winsock Packet Editor), Tamper Data, HackBar, NMap, Nessus, Zap, Burp, Fiddler, W3af, Scapy, WPScan, WhatWeb, ...
Malware analysis: Regshot, SysInternals Suite, TrID, Reverse engineering, Online Tools (malware.com, hybrid-analysis.com)
SysAdmin: Apache (mod-rewrite, mod-evasive, mod-spamhaus, mod-security), PHP, MySQL/MariaDB, MongoDB,
Fail2ban, PortSentry, DenyHosts,
Logstash, ElasticSearch, Kibana,
ipTables/NetFilter, OpenSSL, NFQueue, Socat,
Developer: QtCreator, Subversion, Git, Mercurial, SSH, LDAP, MySQL WorkBench, SQL Developer (Oracle), Eclipse, Maven
Protocols
SMTP, POP, IMAP, SSH, FTP, SFTP, HDLC, HTTP, IPv4, IPv6, TCP, UDP, DNS, OSPF, RIP, BGP, L2TPv3, GRE
Hardware
CISCO router
Hacking
- Pentested envionnement: web (WebSphere, Python, PHP, Apache, Tomcat, SharePoint), java client (rim, t3), mobile (android, microsoft surface), client and server in C with their own network protocol
- Malware analysis (in C#, VBA and C)
- Web Vulnerabilities used: SQL Injections (Blind injection, Timing Attack), NoSQL Injection, XSS, DOM XSS, XXE, Session hijacking, CSRF, RFI (Remote File Include), LFI (Local File Include), Null byte vulnerability
- Reverse Engineering (C x86, Java/Android and network),
- Exploit (integer overflow, arithmetic underflow, buffer overflow (with ASLR - jmp esp)),
- Rootkits (SSDT)
- Memory scanner/edition (with Cheat Engine and AutoIt),
- Packet injection,
- HoneyPot,
- Cryptography (md5 breaker in CUDA),
- WarGame: securite-info.org, Nebula, DVWA, BadStore, DVWA, OverTheWire, RedTiger, Natas
- GitHub contributions calendar Messager

QUALITIES

Self-taught person, meticulous, sense of autonomy and initiative, (qualities I developed as homeschooler)
independent but I know teamwork,
orderly and tidy

INTEREST

Paragliding, Swimming, Ping pong, Bicycle, IT development, Chess, DIY Manual, Gardening, Gaming (Minecraft, Age Of Empire, ...)

CONTACT

Show informations
Icons from Icones.pro