Junior Security Researcher

You will find here everything related to my engineering studies and my projects.

Personal Information

Date of birth
17 March 1993
romainthomasc at gmail dot com

Work Experience


Junior Security Researcher at QuarksLab

from September 2015

My works are focus on:

  • Code obfuscation
  • Reverse engineering

Internship at QuarksLab

from April 2015 to July 2015

During this internship, I worked on a compiler code obfuscator

  • I used LLVM compiler infrastructure.
  • I developed a code coverage tool based on Trtion
  • I studied the Obfuscator-LLVM security with Triton

Internship at QuarksLab

from July 2014 to August 2014

During my internship, I studied the JTAG and how to discover its ports. I used various devices like router, 4G Internet key.

  • I developed a JTAG testing tool – Available my GitHub page.
  • I used the Bus Blaster and the JTAGulator with the openOCD library.

Internship at ATACAMA Compagny

August 2013 to November 2013

Web developper

I developed the company's website by using Model–view–controller architecture .

  • PHP5
  • MySQL
  • JQuery


2011 - Now


Engineering Studies

Engineering student in fourth year

2014 - 2015

École Polytechnique de Montréal

Bachelor’s degree, Computer Science

2010 - 2011

Lycée Maurice Ravel


Scientific Baccalauréat in Lycée Maurice Ravel mention Bien equivalent to an A level.


Quantum Mechanics project : The quantum eraser

During the three months project, we studied the studied the quantum eraser experiment which include :

  • Quantum spin
  • Ramsey interferometry
  • Entangled states

Implementation of the One-Wire protocol in a FPGA

We implemented the One-Wire protocol designed by Dallas Semiconductor to communicate between thermometers.

Optimization of Dijkstra’s algorithm

We programmed the Dijkstra’s algorithm in C then we optimized it by using :

  • A* search algorithm
  • Binary heap


St'Hack 2016 - 8 avril 2016

Dynamic Binary Analysis and Obfuscated Codes

With Jonathan Salwan

At this presentation we will talk about how a DBA (Dynamic Binary Analysis) may help a reverse engineer to reverse obfuscated code. We will first introduce some basic obfuscation techniques and then expose how it's possible to break some stuffs (using our open-source DBA framework - Triton) like detect opaque predicates, reconstruct CFG, find the original algorithm, isolate sensible data and many more... Then, we will conclude with a demo and few words about our future work.

MISC magazine - 82 (2015)

How Triton may help to analyse obfuscated binaries

With Jonathan Salwan

Binary obfuscation is used to protect software's intellectual property. There exist different kinds of obfucation but roughly, it transforms a binary structure into another binary structure by preserving the same semantic. The aim of obfuscation is to ensure that the original information is "drown" in useless information that will make reverse engineering harder. In this article we will show how we can analyse an ofbuscated program and break some obfuscations using the Triton framework




Native speaker
TOEIC: 865 - TOEFL ITP: 567
Basic communication skills.

IT skills

Whitebox Cryptographie Dynamic Instrumentation Code obfuscation Reverse Engineering [x86|x64] XSS SQLi CSRF Buffer/Heap Overflow
Programming languages
C/C++ Python VHDL ASM [x86|68k] Java Php/MySQL
Z3 Scikit-learn Boost IDA Pro Sage Maple


Write up crypto 300 - HITB 2015

Write up crypto 400 - HITB 2015