[+] | [-]

Hello World !

Welcome to the my net home, I used it just to have a summary of stuff on which I work (and have worked).


.:Tool for WebSocket endpoint inspection:.

Interactive shell in order to probe/analyze a WebSocket endpoint.

.:JWT in a secure way:.

Provide tips to handle JSON Web Tokens (JWT) in a secure way.

.:Injection prevention:.

Provide tips to handle Injection into Java application code.

.:Detection of potential malicious files into file upload:.

Provide tips to protect an document upload application feature against "malicious" document submission.

.:Docker image for web application security scanning:.

Docker build file creating a image of a box containing web application security scanners.

.:OWASP Wiki Contribs:.

Articles created or for which i have contributed to:

.:OWASP SonarQube:.

Rules specification submited (rules are validated, waiting for implementation from SonarQube folks):


CVE/XLM that have found during my job for Excellium CSIRT (waiting publishing by the MITRE):


Others vulnerability that have found during my job for Excellium CSIRT:


Talks given to conferences:

.:IT Security Magazines articles:.

Article created for HAKIN9 and its associated magazines (in fact I have realized that using this channel, the information is not free then I have stopped writing article for magazine and made focus on free wiki like OWASP where information is freely available):