Skip to content
View ElNiak's full-sized avatar
:shipit:
Focusing
:shipit:
Focusing
76 followers · 94 following

Achievements

Achievement: Pull Sharkx2Achievement: Galaxy BrainAchievement: Public SponsorAchievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: YOLOAchievement: Starstruck

Achievements

Achievement: Pull Sharkx2Achievement: Galaxy BrainAchievement: Public SponsorAchievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: YOLOAchievement: Starstruck

Highlights

  • Pro

Organizations

@csvl

Block or report ElNiak

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ElNiak/README.md

Hey there 👋, I'm ElNiak

linkedin buy-me-a-coffee medium

Glad to see you here!

I’m a cybersecurity researcher and teaching assistant at UCLouvain. Being a researcher allows me to not only develop autonomy and knowledge but also develop two tools improving security and analysis.

I have a computer science master degree (155 ECTS) in:

  • software engineering,

  • software & network security (mainly for transport and application layers)

  • and AI (basic knowledge - ML/DL).

I love designing systems that are light yet powerful, not over engineered, distributed yet synchronized and beautiful yet effective.


More about me

Researches

A. Toward (More) Secured Network Systems

In my current role, my thesis is currently named "Toward (More) Secured Network Systems". It is based on Network-centric Compositional Testing by McMillan & al. using the Ivy tool.

From that, we extended the methodology with network simulator encapsulation for reproductible experiment. This also enable the verification of time-varying properties (e.g congestion and packet loss mechanisms). See "Network Simulator-centric Compositional Testing" article.

Then we also propose formal requirements mutation enabling to verify implementation outside the specifications. And also to model formal attackers. You can check out "Formally Reproducing and Discovering new Vulnerabilities".

All of my work is then build on top of my tool Panther enabling convenient testing using a pluggable architecture of new IUTs.

Readme Card

Readme Card
  • Crochet, C., Aoga, J., & Legay, A. (2024). Formally Discovering and Reproducing Network Protocols Vulnerabilities (NordSec24).
@inproceedings{crochet2024formally,
  title={Formally Discovering and Reproducing Network Protocols Vulnerabilities},
  author={Crochet, Christophe and Aoga, John and Legay, Axel},
  booktitle={Nordic Conference on Secure IT Systems. Springer},
  year={2024}
}
  • Rousseaux, T., Crochet, C., Aoga, J., Legay, A. (2024). Network Simulator-Centric Compositional Testing. In: Castiglioni, V., Francalanza, A. (eds) Formal Techniques for Distributed Objects, Components, and Systems. FORTE 2024. Lecture Notes in Computer Science, vol 14678. Springer, Cham. https://doi.org/10.1007/978-3-031-62645-6_10
@inproceedings{tom2024network,
  title={Network Simulator-Centric Compositional Testing},
  author={Tom Rousseaux , Christophe Crochet , John Aoga, and Axel Legay},
  booktitle={FORTE: International Conference on Formal Techniques for Distributed Objects, Components, and Systems},
  volume={14678},
  pages={177--196},
  year={2024}
}
  • Crochet, C., Rousseaux, T., Piraux, M., Sambon, J.-F., & Legay, A. (2021). Verifying quic implementations using ivy. In Proceedings of the 2021 Workshop on Evolution, Performance and Interoperability of QUIC. DOI
@inproceedings{crochet2021verifying,
  title={Verifying QUIC implementations using Ivy},
  author={Crochet, Christophe and Rousseaux, Tom and Piraux, Maxime and Sambon, Jean-Fran{\c{c}}ois and Legay, Axel},
  booktitle={Proceedings of the 2021 Workshop on Evolution, Performance and Interoperability of QUIC},
  pages={35--41},
  year={2021}
}
  • Crochet, C., & Sambon, J.-F. (2021). Towards verification of QUIC and its extensions. (Master's thesis, UCL - Ecole polytechnique de Louvain). Available at UCLouvain. Keywords: QUIC, Formal Verification, RFC, IETF, Specification, Ivy, Network.
@article{crochettowards,
  title={" Towards verification of QUIC and its extensions},
  author={Crochet, Christophe and Sambon, Jean-Fran{\c{c}}ois and Legay, Axel and Bonaventure, Olivier}
}

B. Symbolic Execution for Malware Analysis

Finally, I also work on malware analysis using symbolic execution technique using the angr framework.

Readme Card
  • S Lucca, C Crochet, CHB Van Ouytsel, A Legay (2023). On Exploiting Symbolic Execution to Improve the Analysis of RAT Samples with angr. FPS2023
@inproceedings{lucca2023exploiting,
  title={On Exploiting Symbolic Execution to Improve the Analysis of RAT Samples with angr},
  author={Lucca, Serena and Crochet, Christophe and Bertrand Van Ouytsel, Charles-Henry and Legay, Axel},
  booktitle={International Symposium on Foundations and Practice of Security},
  pages={339--354},
  year={2023},
  organization={Springer Nature Switzerland Cham}
}
  • CH Bertrand Van Ouytsel, C Crochet, KHT Dam, A Legay (2022). Tool paper-sema: Symbolic execution toolchain for malware analysis. International Conference on Risks and Security of Internet and Systems, 62-68
@inproceedings{bertrand2022tool,
  title={Tool paper-SEMA: symbolic execution toolchain for malware analysis},
  author={Bertrand Van Ouytsel, Charles-Henry and Crochet, Christophe and Dam, Khanh Huu The and Legay, Axel},
  booktitle={International Conference on Risks and Security of Internet and Systems},
  pages={62--68},
  year={2022},
  organization={Springer Nature Switzerland Cham}
}

Private Projects

Security related

Readme Card

Readme Card

Readme Card

Readme Card

Readme Card

Others

Readme Card

Readme Card

Readme Card

Readme Card

Readme Card

  • 🌱 I’m currently learning Ivy used for formal verification, angr for malware analysis and many other techs. All of my application use Docker for better deployment across the world.

  • 💬 Ask me about formal verification and code analysis!

  • ⚡ Fun fact: There is no fun! Just writing code and drinking coffee 24/7 only 😎👌


Languages and Tools

React Bootstrap CSS3 HTML5 JavaScript C++ C AWS Docker PHP MySQL MongoDB Python Nginx Express.js Bash Raspberry Pi Elastic Search Flask Linux Sass Jenkins Git Firebase Arduino Node.js Scala Android LaTeX Java Azure

Github Stats

Profile views counter committers.top badge


Pinned Loading

  1. csvl/SEMA csvl/SEMA Public

    SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (…

    Python 106 21

  2. PANTHER PANTHER Public

    This tool presents a novel approach to bolstering network protocol verification by integrating the Shadow network simulator with the Ivy formal verification tool to check time properties. Furthermo…

    C 32 3

  3. cupp-rs cupp-rs Public

    Common User Passwords Profiler (CUPP) in Rust

    Rust 25 1

  4. PySSH3 PySSH3 Public

    Translation of SSH3 project (from commit c39bb79cdce479f6095ab154a32a168e14d73b57) to Python 3 library. Check the original project for more information !

    Python 13

  5. BountyDrive BountyDrive Public

    Forked from j1t3sh/SQL-Injection-Finder

    BountyDrive is a comprehensive tool designed for penetration testers and cybersecurity researchers. It integrates various modules for performing attacks (google dorking, sqli, xss), reporting, and …

    Python 15 1

  6. PANTHER-Ivy PANTHER-Ivy Public

    Forked from kenmcmil/ivy

    IVy is a research tool intended to allow interactive development of protocols and their proofs of correctness and to provide a platform for developing and experimenting with automated proof techniq…

    C++ 8 1