Penetration Testing & Security Auditing

Offensive security assessments that go beyond automated scanning. Manual exploitation, technical analysis, and clear remediation guidance. Delivered in French or English.

Web Application Penetration Testing

Security assessments of web applications, APIs, and SPAs, covering authentication, authorization, business logic, and data handling vulnerabilities.

  • OWASP Top 10 coverage
  • API security testing
  • Authentication bypass techniques
  • Business logic flaws
  • Session management testing
  • Client-side security analysis

Internal Network Assessment

Simulated attacks on internal network infrastructure to identify weaknesses in segmentation, access controls, and lateral movement opportunities. Focus on Active Directory exploitation and privilege escalation.

  • Active Directory attacks
  • Kerberos exploitation (Kerberoasting, AS-REP roasting)
  • Lateral movement techniques
  • Network segmentation testing
  • Privilege escalation paths
  • Domain compromise scenarios

Cloud Security Assessment

Deep security reviews of cloud infrastructure across AWS, Google Cloud Platform (GCP), and Azure. I identify misconfigurations, excessive permissions, and privilege escalation paths before an attacker does.

  • AWS IAM and S3 misconfiguration hunting
  • GCP enumeration and privilege escalation
  • Azure AD and Office365 security
  • Cloud storage bucket exploitation
  • Container and Kubernetes security
  • Serverless function analysis

Hardware & IoT Security

Firmware analysis, PCB reverse engineering, and IoT device security assessments. I examine embedded systems, industrial control systems, and connected devices for vulnerabilities that are routinely missed by software-only testers.

  • Firmware extraction and analysis
  • PCB reverse engineering
  • UART/JTAG debugging
  • IoT protocol security
  • Embedded system exploitation
  • Radio frequency analysis

What You Receive

  • Executive summary with risk ratings
  • Detailed technical findings with proof-of-concept exploits
  • Step-by-step remediation guidance
  • CVSS scoring for identified vulnerabilities
  • Post-engagement consultation call

Conference Talks & Workshops

Conference talks and hands-on training sessions on offensive security techniques, from cloud exploitation to hardware hacking and firmware analysis. Past venues include NorthSec, Wild West Hackin' Fest, BSides series, and InCyber North America.

Conference Presentations

Technical talks at security conferences covering real-world attack techniques, case studies, and original attack research.

  • 45-60 minute keynote presentations
  • Technical talks with live demos
  • Interactive Q&A sessions
  • Custom topics based on your audience

Technical Workshops

Hands-on training sessions where attendees work through real attack scenarios on purpose-built lab environments.

  • Half-day or full-day workshops
  • Hands-on labs and exercises
  • Custom training environments
  • Take-home resources and tools
  • Small group sizes for personalized instruction

Corporate Training

Private training sessions built around your organization's technology stack and security gaps.

  • Custom curriculum development
  • On-site or remote delivery
  • Security awareness training
  • Red team techniques and attack simulation

Popular Workshop Topics

  • Active Directory Attack Lab Setup
  • Hardware Hacking and Firmware Analysis
  • Web Application Hacking: Beyond OWASP Top 10
  • Ethical Hacking: Pentesting 101

Previous Speaking Engagements

A selection of talks and workshops delivered at security conferences and corporate events.

Let’s Work Together

Ready to test your defenses before someone else does, or bring hands-on security content to your event?

Get In Touch