Welcome!

My name is Théo, a computer science student interested in information security.

Articles

• Why not verifying certificates in TLS is bad • TLS Jan 13, 2022 • 8 minutes
  In this article, we will see why not verifying the validity of a certificate is bad, and how an attacker can abuse this to read everything in the connection if he is in a Man-In-The-Middle position. You can be forced to not verify a certificate for a variety of reasons, like self-signed certificate, or the certificate is not valid anymore but you have to access the server even though. The environment For this demonstration, I will have 3 VMs: 1 server, 1 victim and 1 performing the attack (Man-in-the-middle and TLS proxy).

  Read More…
• 1 - Preparation • JVM Introductions Aug 26, 2021 • 4 minutes
  Welcome on the first part of this introduction to the Java Virtual Machine ! In this introduction, we will discover how the Java Virtual Machine works, its structure, how programs are loaded and executed, the Java bytecode and what are class files. This introduction expects that you know how to program in Java. Some background with executable and bytecode can help you to grasp faster some concepts but this is not required.

  Read More…
• My projects
  MapPTTH MapPTTH is a fast multi-threaded web-crawler written in C. It uses libcURL to make HTTP requests and Lexbor to extract links from the HTML files. It can produce graphs from the links found during the crawl. Graphs can exported to various formats like JPEG, PNG or SVG. It uses the GraphViz library to represent them in memory and generate the images. I wrote it as I couldn’t find any CLI crawler that was fast and easy to use.

  Read More…
• About me
  Whoami I’m a French computer science student loving information security and programming. I like to learn stuff about computers, build software and break them. My favorites programming languages are: Python Rust C I enjoy tackling challenges on Hack The Box and RootMe, and I occasionally participate in capture-the-flag competitions like picoCTF. My Hack The Box badge: And I am a certified defensive security analyst ! Where are you ? You can reach me on my Twitter if you want to talk !

  Read More…