$ whoami

Aurélien Thierry

Projects

https://github.com/QuoSecGmbH/os_timestamps/ - Explore how your Unix-like OS (Linux, BSD, macOS…) modifies MACB timestamps.
https://github.com/QuoSecGmbH/grap/ - Match graph patterns within binaries

A systematic approach to understanding MACB timestamps on Unix-like systems (DFRWS-EU 2022) - [paper] [pdf] [slides] [video] [transcript]
Testing updates of POSIX timestamps (2020):
- https://yaps8.github.io/blog/02_Testing_POSIX
MAC(B) Timestamps across POSIX implementations (Linux, OpenBSD, FreeBSD) (2019):
- https://yaps8.github.io/blog/01_macb_timestamps_across_POSIX

Tutorial (2020): Navigating malware samples (focus on CLI and IDA)
- https://yaps8.github.io/blog/grap_qakbot_navigation
Tutorial (2020): Automating strings decryption (focus on IDA and python bindings)
- https://yaps8.github.io/blog/grap_qakbot_strings
MISC: Algorithmes et implémentations cryptographiques vulnérables : détection avec grap
GreHack 2017: Detection of cryptographic algorithms with grap
- Slides: https://grehack.fr/data/2017/slides/GreHack17_Detection_of_cryptographic_algorithms_with_grap.pdf
- Paper: https://grehack.fr/data/2017/slides/GreHack17_Detection_of_cryptographic_algorithms_with_grap_paper.pdf
Sthack 2017: Recherche de motifs de graphes dans un exécutable avec GRAP
REcon Brussels 2017: GRAP: define and match graph patterns within binaries
- https://recon.cx/2017/brussels/resources/slides/RECON-BRX-2017-GRAP.pdf

CESAR: Test d’intrusion dans un système de contrôle de la qualité de l’eau
MISC: Réseau sans fil 802.15.4 et sécurité
CCS 2013: CoDisasm: medium scale concatic disassembly of self-modifying binaries with overlapping instructions
Malware 2013: Duqu against Duqu: Analysis and Diversion of Duqu’s driver
SSTIC 2013: Duqu contre Duqu : Analyse et détournement du driver de Duqu
Malware 2012: Code synchronization by morphological analysis
REcon 2012: Recognition of binary patterns by Morphological analysis