About

Hi there! I am a multidisciplinary researcher whose main fields of interests are inbetween technology and natural sciences, with a strong background in mathematics.
Hobbies-wise I like composing music, learning all I can, and debating endlessly about utopian realities.

Here is a non-exhaustive list of things I’ve worked on:

  • ctf-re, A CTF infrastructure with unique binaries and a deterministic anti cheat. (Creator)
  • ELSA & Jugemu, a suite of tools for crash analysis and exploit generation. (Creator)
  • A GPU Debugger for the PCSX2 project. (Creator)
  • LEAVES, A memory analysis tool aimed to facilitate browser exploitation. (Creator)
  • PCSX2, The most accurate Sony PlayStation 2 emulator. (Core contributor)
  • An IPC protocol for emulators, optimized for speed and same-frame results. (Creator)
  • MADNESS, A research paper explaining how I, along with friends, fully defeated the Nintendo Switch security model. (Creator)
  • navi, A security oriented NixOS based meta distribution for infrastructures. (Creator)
  • NixOS, A Linux based operating system with a package manager using a functional language. (Package Maintainer)
  • A bunch of reverse-engineering related projects, from custom 3d formats to decompilers and disassemblers with the occasional sequenced music formats, without forgetting the mandatory translation project. (Creator)
  • PyTouhou, A libre reimplementation of the Touhou suite of softwares in Rust and Python. (Core contributor)
  • Security research under a widely deployed device, akin to the MADNESS project. (NDA)
  • Some non commercial video games for which I’ve won some awards and some mods. (Lead Developer, Director, Story and miscellaneous roles)
  • WireGuard, A modern VPN protocol. (small contributor, GSoC)
  • zut A portable library for fast factorization of \(\mathbb{Z}/2\mathbb{Z}\) polynomials using Berlekamp’s algorithm. (Creator)

On top of this, I’ve also taught the following classes as the main intervening professor of the computer security course of the ESGI:

  • Reverse engineering and binary exploitation (M1, 2019)
  • Pentest of Android applications (M1, 20{19,20})
  • Security of Wi-Fi Networks (L3, 2020)
  • Preparation to the OSCP certification (M2, 2020)
  • Advanced cryptography (M1, 20{19,20})
  • Network Forensics (M2, 2020)
  • Identity Access Management (M2, 2019)
  • Web browser and OS Kernel exploitation (M2, 2020, creator of the class)

My e-mail address is me@govanify.com.
My mastodon account is @me@govanify.com.
My matrix account is @me:govanify.com.
For sensitive communications either use Matrix or PGP-encrypted emails.
My PGP key (5214 2D39 A7CE F8FA 872B CA7F DE62 E1E2 A614 5556) is available here.

This website also contains some blogposts of varying quality. I usually am rather reserved when it comes to work so it might take a while before I get in the mood to write a new one.

Recent Posts

A look into the state machine: Ghidra loaders, analyzers and processor definition for Kingdom Hearts 2 AI

published on
Merry christmas everyone! It’s been a (very) busy year on my end and I’ve barely got any time for myself to post. I actually had things to talk about, like a small Nintendo Switch research paper that I published or some very specialized Z/2Z polynomial factoring code that I wrote but most of my articles just kinda went on the backburner. I have more than 10 in a draft status now! Read More...

Solving Google Foobar and hacking it along the way

published on
Recently I learned about the existence of what is known as Google Foobar also known as “Google secret recruiting program” or “How much bunnies can you rescue before wanting to kill someone” and being the stubborn me that I am, I decided to force my way in and try the challenges! … I didn’t expected to be able to get in but it seems I did, so I guess I’m indebted to do a writeup or something? Read More...

WireGuard and the Linux Networking Subsystem

published on
Before this article truly begins I’d like to explain what I’ve done in the last few months and what this article truly is about: As some of you may know, I worked on WireGuard as a part of the Google Summer of Code for the last 3 months, which basically is contract work for students, giving you a stipend while you work for an organization of your choice, in my case the Linux Foundation, in the open source world if selected. Read More...