About me

Hi there! I am Robin, a computer security researcher and a computer science enthusiast at large. I spend a lot of time coding, working on personal projects, writing PoC, doing CTF and trying to put my hands on hardware stuff (Arduino & co). Lately, I had the opportunity of doing a PhD to work on my favorite subject, namely reverse-engineering and malware analysis. Since then, I joined Quarkslab, where I am enjoying working on reverse-engineering and low-level stuff.

PhD thesis

I performed my PhD at the Atomic Energy Commission (CEA) within the Safety and Security Laboratory. My subject was trying to use formal methods used in the lab for software verification of critical systems (nuclear power plants, avionics), but applied here to malware deobfuscation. Among the existing techniques, like abstract interpretation or weakest-precondition calculus, I focused on dynamic symbolic execution (DSE), which provides great properties for obfuscated codes. I also worked to optimize DSE for such codes and developed different approaches (forward/backward) and combinations (static, dynamic, symbolic) to address different issues. The end goal of the research is to recover the best approximation of the binary program CFG to enable more relevant malware signatures (in a future work).

Manuscript, slides

Talks

2016, Black Hat EU. Code deobfuscation: intertwining dynamic, static and symbolic approaches. Sébastien Bardin

This talk presents new dynamic symbolic execution algorithms geared to scale on obfuscated code. This talk also shows various analysis combinations (static, dynamic and symbolic) allowing to detect various obfuscations like opaque predicates and call/stack tampering. All the analyses were implemented in BINSEC/SE, Pinsec and IDASec, respectively the symbolic engine, dynamic instrumentation and IDA plugin. Using these tools, multiple demos will be made on various packers and more especially on some malicious components used by the Sednit/APT28 group for its targeted attack campaigns.

Slides

Academic publications [DBLP] [Scholar]

2017, S&P. Backward-bounded DSE: targeting infeasibility questions on obfuscated codes. Sébastien Bardin, Jean-Yves Marion
2016, SSPREW. Finding the needle in the heap: combining static analysis and dynamic symbolic execution to trigger use-after-free. Josselin Feist, Laurent Mounier, Sébastien Bardin, Marie-Laure Potet
2016, ISSTA. Specification of concretization and symbolization policies in symbolic execution. Sébastien Bardin, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Thanh Dinh Ta, Jean-Yves Marion
2016, SANER. BINSEC/SE: a dynamic symbolic execution toolkit for binary-level analysis. Sébastien Bardin, Thanh Dinh Ta, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Jean-Yves Marion
2015, ICST. Sound and quasi-complete detection of infeasible test requirements. Sébastien Bardin, Mickaël Delahaye, Nickolaï Kosmatov, Mike Papadakis, Yves Le Traon, Jean-Yves Marion

Complete list of publications and download links: here (academic and non-academic)

Teachings

2015 (32h) INF441: Advanced Programming (practicals), Polytechnique, Ecole Polytechnique
2015 (18h) Introduction to Computer Security (practicals), Polytech Paris-Sud, Université Paris Sud (Paris XI) (now Université Paris-Saclay)
2014 (3h) Software Testing (practicals), Polytech-UPMC, Université Pierre et Marie Curie (Paris 6)
2014 (3h) MOSD: Methods for Data Security (practicals), UPEC, Université Paris-Est Créteil Val-de-Marne

Detailed list of teachings here

Various (GitHub) projects

idasec: IDA plugin for reverse-engineering and dynamic interactions with the BINSEC platform
pystack: a TCP/IP stack crafting framework for Python
pytts: Python text-to-speech synthesizer based on Google Translate engine
pytesser: Python wrapper for the Tesseract OCR engine
checksec: improvement to the original checksec script (to get infos about PIE, RELRO, PaX, canaries etc)
LSB steganography: script to embed data into images using LSB method

Other blog posts

2013-01-28 - Raspberry Pi first config and services configuration
2012-06-16 - Wikipedia frequency analysis
2012-06-15 - Vigenere crypto chall with a basic Kasiski-Babbage implementation

Feb 28th, 2014 11:07 pm

A site to remotely back up my brain.

Copyright © 2018 - Powered by Octopress

Whois Information
Whois is a protocol that provides access to registration information. With the following information you can find out when the website was registered, when it will expire, and what the site's contact details are. In short, it includes this information:
%%
%% This is the AFNIC Whois server.
%%
%% complete date format : DD/MM/YYYY
%% short date format : DD/MM
%% version : FRNIC-2.5
%%
%% Rights restricted by copyright.
%% See https://www.afnic.fr/en/products-and-services/services/whois/whois-special-notice/
%%
%% Use '-h' option to obtain more information about this service.
%%
%% [2600:3c03:0000:0000:f03c:91ff:feae:779d REQUEST] >> robindavid.fr
%%
%% RL Net [##########] - RL IP [#########.]
%%
domain: robindavid.fr
status: ACTIVE
hold: NO
holder-c: ANO00-FRNIC
admin-c: OVH5-FRNIC
tech-c: OVH5-FRNIC
zone-c: NFC1-FRNIC
nsl-id: NSL45756-FRNIC
dsl-id: SIGN1214005-FRNIC
registrar: OVH
Expiry Date: 22/02/2019
created: 22/02/2014
last-update: 26/12/2017
source: FRNIC
ns-list: NSL45756-FRNIC
nserver: dns107.ovh.net
nserver: ns107.ovh.net
source: FRNIC
ds-list: SIGN1214005-FRNIC
key1-tag: 58923
key1-algo: 7 [RSASHA1-NSEC3-SHA1]
key1-dgst-t: 2 [SHA-256]
key1-dgst: 3075E8B97E0B1BA014E263D51300AC67C3C95E037C2C933EFFAECFABC70BDBD3
source: FRNIC
registrar: OVH
type: Isp Option 1
address: 2 Rue Kellermann
address: 59100 ROUBAIX
country: FR
phone: +33 8 99 70 17 61
fax-no: +33 3 20 20 09 58
e-mail: support@ovh.net
website: http://www.ovh.com
anonymous: NO
registered: 21/10/1999
source: FRNIC
nic-hdl: ANO00-FRNIC
type: PERSON
contact: Ano Nymous
remarks: -------------- WARNING --------------
remarks: While the registrar knows him/her,
remarks: this person chose to restrict access
remarks: to his/her personal data. So PLEASE,
remarks: don't send emails to Ano Nymous. This
remarks: address is bogus and there is no hope
remarks: of a reply.
remarks: -------------- WARNING --------------
registrar: OVH
changed: 09/06/2018 anonymous@anonymous
anonymous: YES
obsoleted: NO
eligstatus: not identified
reachstatus: not identified
source: FRNIC
nic-hdl: OVH5-FRNIC
type: ROLE
contact: OVH NET
address: OVH
address: 140, quai du Sartel
address: 59100 Roubaix
country: FR
phone: +33 8 99 70 17 61
e-mail: tech@ovh.net
trouble: Information: http://www.ovh.fr
trouble: Questions: mailto:tech@ovh.net
trouble: Spam: mailto:abuse@ovh.net
admin-c: OK217-FRNIC
tech-c: OK217-FRNIC
notify: tech@ovh.net
registrar: OVH
changed: 11/10/2006 tech@ovh.net
anonymous: NO
obsoleted: NO
eligstatus: not identified
reachstatus: not identified
source: FRNIC
nic-hdl: OVH5-FRNIC
type: ROLE
contact: OVH NET
address: OVH
address: 140, quai du Sartel
address: 59100 Roubaix
country: FR
phone: +33 8 99 70 17 61
e-mail: tech@ovh.net
trouble: Information: http://www.ovh.fr
trouble: Questions: mailto:tech@ovh.net
trouble: Spam: mailto:abuse@ovh.net
admin-c: OK217-FRNIC
tech-c: OK217-FRNIC
notify: tech@ovh.net
registrar: OVH
changed: 11/10/2006 tech@ovh.net
anonymous: NO
obsoleted: NO
eligstatus: not identified
reachstatus: not identified
source: FRNIC
REFERRER http://www.nic.fr
REGISTRAR AFNIC
SERVERS
SERVER fr.whois-servers.net
ARGS robindavid.fr
PORT 43
TYPE domain
RegrInfo
REGISTERED yes
ADMIN
HANDLE OVH5-FRNIC
TYPE ROLE
CONTACT OVH NET
ADDRESS
OVH
140, quai du Sartel
59100 Roubaix
COUNTRY FR
PHONE +33 8 99 70 17 61
EMAIL tech@ovh.net
TROUBLE
Information: http://www.ovh.fr
Questions: mailto:tech@ovh.net
Spam: mailto:abuse@ovh.net
ADMIN-C OK217-FRNIC
TECH-C OK217-FRNIC
NOTIFY tech@ovh.net
SPONSOR OVH
CHANGED 2006-10-11
ANONYMOUS NO
OBSOLETED NO
ELIGSTATUS not identified
REACHSTATUS not identified
SOURCE FRNIC
TECH
HANDLE OVH5-FRNIC
TYPE ROLE
CONTACT OVH NET
ADDRESS
OVH
140, quai du Sartel
59100 Roubaix
COUNTRY FR
PHONE +33 8 99 70 17 61
EMAIL tech@ovh.net
TROUBLE
Information: http://www.ovh.fr
Questions: mailto:tech@ovh.net
Spam: mailto:abuse@ovh.net
ADMIN-C OK217-FRNIC
TECH-C OK217-FRNIC
NOTIFY tech@ovh.net
SPONSOR OVH
CHANGED 2006-10-11
ANONYMOUS NO
OBSOLETED NO
ELIGSTATUS not identified
REACHSTATUS not identified
SOURCE FRNIC
OWNER
HANDLE ANO00-FRNIC
TYPE PERSON
CONTACT Ano Nymous
REMARKS
-------------- WARNING --------------
While the registrar knows him/her,
this person chose to restrict access
to his/her personal data. So PLEASE,
don't send emails to Ano Nymous. This
address is bogus and there is no hope
of a reply.
-------------- WARNING --------------
SPONSOR OVH
CHANGED 2018-06-09
ANONYMOUS YES
OBSOLETED NO
ELIGSTATUS not identified
REACHSTATUS not identified
SOURCE FRNIC
DOMAIN
STATUS ACTIVE
HOLD NO
DSL-ID SIGN1214005-FRNIC
SPONSOR OVH
EXPIRY DATE 22/02/2019
CREATED 2014-02-22
CHANGED 2017-12-26
SOURCE FRNIC
HANDLE NSL45756-FRNIC
NSERVER
DNS107.OVH.NET 213.251.188.151
NS107.OVH.NET 213.251.128.151
NAME robindavid.fr