Welcome!

My name is Théo, a computer science student interested in information security.

Articles

• Why not verifying certificates in TLS is bad • TLSs Jan 13, 2022 • 8 minutes
  In this article, we will see why not verifying the validity of a certificate is bad, and how an attacker can abuse this to read everything in the connection if he is in a Man-In-The-Middle position. You can be forced to not verify a certificate for a variety of reasons, like self-signed certificate, or the certificate is not valid anymore but you have to access the server even though. The environment For this demonstration, I will have 3 VMs: 1 server, 1 victim and 1 performing the attack (Man-in-the-middle and TLS proxy).

  Read More…
• My projects
  MapPTTH MapPTTH is a fast multi-threaded web-crawler written in C. It uses libcURL to make HTTP requests and Lexbor to extract links from the HTML files. It can produce graphs from the links found during the crawl. Graphs can exported to various formats like JPEG, PNG or SVG. It uses the GraphViz library to represent them in memory and generate the images. I wrote it as I couldn’t find any CLI crawler that was fast and easy to use.

  Read More…
• About me
  Whoami I’m a French computer science student loving information security and programming. I like to learn stuff about computers, build software and break them. My favorites programming languages are: Python Java C I like to hack on Hack The Box and vulnhub. I also do some capture the flags sometimes (like picoCTF for example). If you are interested, here is my Hack The Box badge: And I also love history !

  Read More…