Étienne BAUDIN

Professional Profile

  • I am currently a Cyber-Security Consultant at CERT-XMCO (XMCO).

Work Experience

  • XMCO, Full-Time

    Part of the CERT-XMCO, I mostly do:
    * Computer monitoring especially on vulnerabilities, exploits, and about information security
    * R&D, cyber-surveillance and forensics work
    * Writing articles for the quarterly magazine (Actusécu) and blog (blog.xmco.fr)
    * Punctual Development (python, vba, ...)
  • Bugcrowd, Part-Time


    Finding bugs (XSS, SQL injection, and others) on differents websites
    Malware analysis
  • EFREI, Full-Time


    Development of a network cartography webtool which allows to see what is going on your network.
    • Utilization of tshark, pfsense
    • Redaction of a business plan for this tool

  • Publications

    • Actusecu #37 - State of art of SAP Pentests


      • Analysis of the malware BlackPOS used in the Target attack

      • This document is available for free here (in French)


      Actusecu #36 - BlackPOS and Target


      • Analysis of the PHP-CGI vulnerability referenced CVE-2012-1823
      • Study of legitimate backdoors in public routers

      • This document is available for free here (in French)

Education

  • 2011 - 2013

    EFREI, Engineering School in Paris specialized in Information and Communication Technology


    Master’s years, specialized on Networks and Services, in Security and Cryptography

  • 2010

    University of Marne-la-vallée


    Bachelor of Science (BS) in Mathematics and Computer Science

  • September - December, 2010

    Staffordshire University, Stafford, UK


    Full immersion for 3 months following computer science courses

  • 2008-2011

    EFREI, Engineering School in Paris specialized in Information and Communication Technology


    Bachelor's years with courses in Computer Science, Mathematics, Physics