DFIR • Windows Security • Reverse Engineering • Malware Analysis
I’m a cybersecurity engineering student (CentraleSupélec / ECE Paris) focusing on DFIR and digital forensics (memory analysis, artifacts, timelines, IOC extraction) and reverse engineering (Ghidra, debugging, binary analysis).
I run hands-on labs, analyze malware and binaries, simulate incidents, and publish structured write-ups here.
- DFIR / Forensics: Volatility3, Sysmon, EVTX, Prefetch/Amcache, KAPE, memory triage, timeline building
- Detection Engineering: Sigma, IOC extraction, ATT&CK mapping
- Scripting: Python (parsers, automation), C/C++ (POCs, tooling)
- Reverse Engineering: Ghidra, GDB/x64dbg, ASM x86-64, CFG, unpacking fundamentals
- Malware Analysis: static/dynamic analysis, PyInstaller unpacking, YARA rules
- Offensive Security: AD enumeration, Kerberoast/AS-REP, privesc (lab)
Memory forensics, malware analysis, and reverse engineering.
Includes:
- Incident simulation (Sysmon, memory dump, timeline, Volatility3)
- Academic ransomware lab (Camellia-128 CFB, Python decryptor, persistence analysis)
- Crackme analysis (static/dynamic analysis)
- YARA rules
→ Practical investigations with detailed, documented write-ups.
C++ research project on binary static analysis (LIEF, Capstone).
Added PE/Mach-O support, extended processor coverage, DWARF handling, and Python bindings.
