Feist Josselin

Phd student under the supervision of Potet Marie-Laure and Mounier Laurent
Subject : Binary analysis to assist detection and exploitability of vulnerability related to dynamic memory management
I should finish my thesis at the end of this year (end of 2016)
Here is my CV.

Current projects :
- GUEB : Use After Free detection on binary code
- Binsec : I'm working on a guided symbolic engine within the Binsec project

Topics :

- Vulnerability discovery
- Static analysis
- Dynamic analysis
- Symbolic / Concolic execution
- Exploit automation
- Exploit writing
- Reverse engineering

More generally I'm interested in all subjects that can mix academics works with hacking topics.

Publications :

Conferences :
SEFM 2016 : Guided Dynamic Symbolic Execution Using Subgraph Control-Flow Information. Josselin Feist, Mounier Laurent and Marie-Laure Potet
ISSTA 2016 : Specification of Concretization and Symbolization Policies in Symbolic Execution. Robin David, Seİbastien Bardi, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Thanh Dinh Ta, Jean-Yves Marion
Saner 2016 : BINSEC/SE: A Dynamic Symbolic Execution Toolkit for Binary-level Analysis. Robin David, Sebastien Bardin, Mounier Laurent, Thanh Dinh Ta, Jean-Yves Marion, Josselin Feist and Marie-Laure Potet
Codaspy 2016 : Toward large-scale vulnerability discovery using Machine Learning. Gustavo Grieco, Guillermo Luis Grinblat, Lucas Uzal, Sanjay Rawat, Josselin Feist and Laurent Mounier
Toorcon San Diego 2015 : GUEB : Static Detection of Use-After-Free on Binary
SDTA 2014 : Using static analysis to detect use-after-free on binary code. Josselin Feist, Laurent Mounier, Marie-Laure Potet
GreHack 2013 : Statically detecting Use-After-Free on Binary Code. Josselin Feist, Laurent Mounier, Marie-Laure Potet

Journals :
Journal of Computer Virology and Hacking Techniques : Statically detecting Use-After-Free on Binary Code. Josselin Feist, Laurent Mounier, Marie-Laure Potet

Workshops :
Wessi 2014 : Vulnerability analysis and exploitation. Karim Hossen , Josselin Feist (workshop focused on different way of teaching security)

Other :
Misc HS9 : Analyse de Code et Recherche de vulnerabilites. Marie-Laure Potet, Josselin Feist, Laurent Mounier (french technical journal)

Collaborations :

Parallel to my research, I'm also working with Grieco Gustavo from the National University of Rosario (Argentina).
This work focuses on how to combine machine learning with vulnerability discovery in a context of large scale binary analysis.
For more information see Vdiscover

Teaching :

Network and System Administration courses : Master SAFE / Master SCCI (Joseph Fourier University, Ensimag Grenoble)
Software and web security courses : Master SAFE / Master SCCI (Joseph Fourier University, Ensimag Grenoble)

Student supervision :

Dobrescu G. / Meignan M. : Binary analysis and dynamic jumps. Student project (Ensimag, Grenoble)
Dobrescu G. : Binary analysis and dynamic jumps. End-of-study projects (University Politehnica of Bucharest, Romania)
Fay A. : Vulnerability in web browser (use-after-free exploitation). Student project, and 2 month internship (Joseph Fourier University, Grenoble)
Milanov B. : Buffer overflow exploitation. 1 month internship (Joseph Fourier University, Grenoble)
Ranc B. : Allocation function detection. Student project, and 2 month internship (Joseph Fourier University, Grenoble)

Fun and profit :
President of Securimag, a french association. Presentations related to hacking, security + CTF and project
Orga of Grehack 2015 Grehack