Jonathan Brossard

Doctorant
Personal website: https://endrazine.com
Office: 33.1.25

Jonathan Brossard is an Associate Professor at the Conservatoire National des Arts et Métiers (Paris, France), PhD candidate, and Researcher at the ISID laboratory of CEDRIC, teaching more particularly within the Chair of Cybersecurity. In parallel to his Academic activities, Pr. Brossard is the creator and CTO of the startup MOABI, a DeepTech company regularly awarded and acclaimed by the industry for its technological innovations. A globally recognized cybersecurity expert, he has participated in more than fifty conferences across the Planet, authoring original research. He is the inventor of several patents and author of open-source software, including the Witchcraft Compiler Collection (WCC) (available under Debian, Ubuntu, Arch Linux, Kali Linux, etc.), popular among cybersecurity experts. Pr. Brossard published the first known attacks against Microsoft Bitlocker encryption software, as well as the first remote attacks targeting Microsoft Windows 10 and the Microsoft Edge web browser. His research on cyber security has been covered in numerous international media, such as Le Monde, the MIT Technology Review, and Forbes Magazine, which covered his "Proof of Concept" of Malware Rakshasa (the world's first Firmware Backdoor). He regularly participates in popularizing cybersecurity among the general public, providing expertise on subjects such as car hacking, the hacking of the French President by foreign secret services, or reviewing the documents made public by Edward Snowden. Before joining the CNAM, Pr. Brossard previously worked as Director of Security and Principal Engineer at Salesforce (San Francisco, United States). He has also worked in Australia, India and lived in Brazil. Pr. Brossard is finally recognized as a Pioneer in the French IT community for having created the pioneering international cybersecurity conferences in France, Hackito Ergo Sum (in 2009) and NoSuchCon (in 2013), as well as having been a member of the /tmp/lab, the first Hackerspace in France (2009). An Alumni of the Lycée Louis le Grand, Pr. Brossard is an Engineer, holds a Master's degree in Artificial Intelligence and is a PhD candidate in Computer Science at the CNAM. See also his PhD thesis and his profiles on ORCID, Github, Twitter or Linkedin.

2024

Articles de conférence

  1. Brossard, J. Toward Partial Proofs of Vulnerabilities. In 2024 IEEE Secure Development Conference (SecDev), pages 180-182, IEEE, Pittsburgh, United States, 2024. doi  www 
  1. Brossard, J. Introduction to Procedural Debugging through Binary Libification. In 18th USENIX WOOT Conference on Offensive Technologies, pages 17-25, USENIX Association, Philadelphia, PA, United States, 2024. www 

2020

Brevets

  1. Brossard, J.; Prasad, P.; Travis, E. and Ryan, G. Language-agnostic secure application deployment. www 
  1. Brossard, J.; Guest, R.; Prasad, P. and Travis, E. LANGUAGE AGNOSTIC SECURE APPLICATION DEVELOPMENT. www 

Articles de conférence

  1. Brossard, J. Automotive/IoT Network Exploits: From Static Analysis to Reliable Exploits. In RSA Conference, San Francisco, United States, 2020. www 
  1. Brossard, J. Reverse Engineering da Morte que Mata. In RoadSec Conference 2020, Sao Paolo, Brazil, 2020. www 
  1. Brossard, J. ATTAQUES CONTRE LES SUPPLY CHAINS, RANSOMWARE : DE LA NECESSITE DE NOUVEAUX PROCESSUS. In CESIN : Keynote 2020, Reims, France, 2020. www 

Divers

  1. Brossard, J. [RoadSec Keynote 2020] Reverse Engineering da Morte que Mata. www 
  1. Brossard, J. [RSA Conference 2020] Automotive/IoT Network Exploits: From Static Analysis to Reliable Exploits. www 

2019

Articles de conférence

  1. Brossard, J. Hardware Backdooring is practical. In Nullcon Conference 2019, Goa, India, 2019. www 

2018

Brevets

  1. Brossard, J. and Jonathan Brossard Nicolas, M. METHOD FOR SECURING ACCESS TO A COMPUTER DEVICE. www 

2017

Articles de conférence

  1. Brossard, J. and Richard, R. Silent Protest. In Shakacon Conference 2017, Honololu, Hawaii, United States, 2017. www 
  1. Brossard, J. Introduction to the Witchcraft Compiler Collection. In BSides San Francisco 2017, San Francisco (CA, USA), United States, 2017. www 

Divers

  1. Brossard, J. [SHA217/CCC] Silent Protest: DIY wearable protest network. , Recording from the SHA217 Conference, organised by the CCC. www 
  1. Brossard, J. [BSides San Francisco 2017] Introduction to the Witchcraft Compiler Collection. www 

2016

Livres

  1. Brossard, J. Witchcraft Compiler Collection : User Manual. UBM, 2016. www 

Articles de conférence

  1. Brossard, J. Introduction to the Witchcraft Compiler Collection. In Intel Security Conference (iSec) 2016, Hillsboro, United States, 2016. www 
  1. Brossard, J. Introduction to the Witchcraft Compiler Collection. In H2HC Conference 2016, Sao Paolo, Brazil, 2016. www 
  1. Brossard, J. Introduction to the Witchcraft Compiler Collection. In DEFCON 24, Las Vegas, United States, 2016. www 
  1. Brossard, J. The Witchcraft Compiler Collection : Towards Self Aware Computer Programs. In Blackhat Briefings (UK) 2016, London, United Kingdom, 2016. www 
  1. Brossard, J. Introduction to the Witchcraft Compiler Collection. In DEFCON 24, Las Vegas, United States, 2016. www 

Divers

  1. Brossard, J. [DEFCON 2016] Introduction to the Witchcraft Compiler Collection. www 
  1. Brossard, J. [Shakacon 2017] Silent Protest : a Wearable Protest Network. www 
  1. Brossard, J. [H2HC 2016] Witchcraft Compiler Collection : Towards self aware computer Programs. www 
  1. Brossard, J. [Blackhat Europe 2016] Introduction to the Witchcraft Compiler Collection. www 

2015

Articles de conférence

  1. Brossard, J. XXE defence(les)s in JDK XML parsers. In Blackhat USA, Las Vegas, United States, 2015. www 
  1. Brossard, J. Filecry : the new age of XXE. In Blackhat USA, Las Vegas, United States, 2015. www 
  1. Brossard, J. Hardware Backdooring is Practical. In Shakacon Conference 2015, Honololu, Hawaii, United States, 2015. www 
  1. Brossard, J. SMB : Sharing more than your files... In Blackhat USA, Las Vegas, United States, 2015. www 

Divers

  1. Brossard, J. [Blackhat 2015] SMBv2 : Sharing More than your Files. www 

2014

Brevets

  1. Brossard, J. Dispositif et un procédé de protection contre la rétro conception. www 

2013

Articles de conférence

  1. Brossard, J. Hardware Backdooring is Practical. In AusCERT, Brisbane (AU), Australia, 2013. www 
  1. Brossard, J. Katsuni理论介绍以及在沙盒和软件仿真方面的应用. In Syscan 360 2013, Beijing (China), China, 2013. www 
  1. Brossard, J. Malware, Sandboxing and You : How Enterprise Malware and 0day detection is about to fail (again). In RUXCON Conference 2013, Melbourne (AUS), Australia, 2013. www 
  1. Brossard, J. An introduction to the Katsuni theorem and its application to sandboxing and software emulation. In Syscan Beijing, Beijin, Chine, China, 2013. www 
  1. Brossard, J. Sandboxing is (the) shit !. In Hackers to Hackers Conference (H2HC) 2013, Sao Paolo, Brazil, 2013. www 

Divers

  1. Brossard, J. [H2HC 2013] Sandboxing is (the) shit !. www 

2012

Articles de conférence

  1. Brossard, J. Hardware Backdooring is practical. In Blackhat Briefings (USA) 2012, Las Vegas, United States, 2012. www 
  1. Brossard, J. Proprietary Protocols RCE : Research leads. In RUXCON Conference Sydney Monthly 2012, Sydney (AUSTRALIA), Australia, 2012. www 
  1. Brossard, J. Hardware Backdooring is practical. In Blackhat Briefings (USA) 2012, Las Vegas, United States, 2012. www 
  1. Brossard, J. Hardware Backdooring is practical. In RUXCON Conference 2012, Melbourne (AUS), Australia, 2012. www 
  1. Brossard, J. Post Memory Corruption Memory Analysis. In Chaos Communication Congress 2012, Berlin (DE), Germany, 2012. www 
  1. Brossard, J. Hardware Backdooring is Practical. In Blackhat USA, Las Vegas, United States, 2012. www 
  1. Brossard, J. Hardware Backdooring is Practical. In Nullcon Conference 2012, Goa, India, 2012. www 
  1. Brossard, J. Hardware Backdooring is Practical. In Intel Security Conference (iSec) 2012, Hillsboro, United States, 2012. www 
  1. Brossard, J. Hardware Backdooring is Practical. In No Such Conference 2012, Paris, France, 2012. www 
  1. Brossard, J. Hardware Backdooring is practical. In DEFCON 20, Las Vegas, United States, 2012. www 

Divers

  1. Brossard, J. [RUXCON 2012] Hardware Backdooring is Practical. www 
  1. Brossard, J. [DEFCON 2012] Hardware Backdooring is Practical. www 
  1. Brossard, J. [Blackhat 2012] Hardware Backdooring is Practical. www 
  1. Brossard, J. [Nullcon 2013] Hardware Backdooring is Practical. www 
  1. Brossard, J. [CCC 2011] Post Memory Corruption Memory Analysis : Automated Exploitation of Invalid Memory Writes. www 

2011

Articles de conférence

  1. Brossard, J. Post Memory Corruption Memory Analysis. In HITB Conference Kuala-Lumpur 2011, Kuala Lumpur, Malaysia, 2011. www 
  1. Brossard, J. Post Memory Corruption Memory Analysis. In Blackhat USA, Las Vegas, United States, 2011. www 
  1. Brossard, J. Post Memory Corruption Memory Analysis. In RUXCON Conference 2011, Melbourne (AUS), Australia, 2011. www 
  1. Brossard, J. Post Memory Corruption Memory Analysis. In Kiwicon New Zealand 2011, Wellington, New Zealand, New Zealand, 2011. www 

Divers

  1. Brossard, J. [Blackhat 2011] Post Memory Corruption Memory Analysis. www 
  1. Brossard, J. [HITB Malaysia 2011] Post Memory Corruption Memory Analysis. www 

Rapports

  1. Brossard, J. Beyond Fuzzing : Exploit Automation with PMCMA. Technical Report, HITB, 2011.

2010

Articles de conférence

  1. Brossard, J. Breaking virtualization by any means. In HITB Conference Kuala-Lumpur 2010, Kuala Lumpur, Malaysia, 2010. www 
  1. Brossard, J. Generic exploitation of invalid memory writes. In Hackers to Hackers Conference (H2HC) 2010, Sao Paolo, Brazil, 2010. www 
  1. Brossard, J. Breaking Virtualization by switching the CPU to 8086 mode. In HITB Conference Kuala-Lumpur 2010, Kuala Lumpur, Malaysia, 2010. www 
  1. Brossard, J. Breaking virtualization by switching the cpu to virtual 8086 mode. In RUXCON Conference 2010, Melbourne (AUS), Australia, 2010. www 
  1. Brossard, J. Breaking Virtualization by switching to Virtual 8086 mode. In HITB Conference Amsterdam 2010, Amsterdam (NETHERLANDS), Netherlands, 2010. www 
  1. Brossard, J. Breaking Virtualization by switching the CPU to 8086 mode. In Hackito Ergo Sum 2010, Paris, France, 2010. www 

2009

Articles de conférence

  1. Brossard, J. PreBoot Authentication Password Cracking on a budget. In Hackers to Hackers Conference (H2HC) 2009, Sao Paolo, Brazil, 2009. www 
  1. Brossard, J. Zero crypto attacks against preboot authentication passwords. In Telecomix Conference 2009, Goteberg, Sweden, 2009. www 

Divers

  1. Brossard, J. [H2HC 2009] Pre-Boot Authentication Password Cracking on a Budget. www 

2008

Articles de conférence

  1. Brossard, J. Bypassing pre-boot authentication passwords by instrumenting the BIOS keyboard buffer. In DEFCON 16, Las Vegas, United States, 2008. www 
  1. Brossard, J. Reverse Engineering for exploit writers. In ClubHack, Pune, India, India, 2008. www 
  1. Brossard, J. Bypassing pre-boot authentication passwords by instrumenting the BIOS keyboard buffer. In DEFCON 16, Las Vegas, United States, 2008. www 

Divers

  1. Brossard, J. [DEF CON 2008] Bypassing Pre-Boot Authentication Passwords by Instrumenting the BIOS Keyboard Buffer. www 

2005

Divers

  1. Brossard, J. BIOS Information Leakage. www 
Top