technical overview of Claude Code’s security model, including its permission system, sandboxing architecture, identity and access management (IAM), and operational best practices.
2026, Jan 13 —Staking in Solana is the process of locking SOL tokens in a stake account to...
2025, Nov 09 —Cryptocurrency exchanges play a pivotal role in the digital asset ecosystem, serving as platforms for on-ramp, trading, storing, and converting cryptocurrencies. As central nodes in a highly valuable and rapidly evolving industry, these exchanges are frequent targets for cyberattacks and financial fraud.
2025, Nov 06 —Deep dive into blockchain wallets with Circle and Fireblocks and explore how they use AWS services such as AWS Nitro Enclave
2025, Jul 29 —AWS Nitro Enclaves, a feature of Amazon EC2, aims to offer highly isolated and secure execution environments.
2025, Jul 17 —Short integer solution (SIS)is an average-case problems used in lattice-based cryptography constructions. SIS is one of the problems believed to be hard even for quantum computers.
2025, Apr 23 —Artificial Intelligence(AI) and Machine Learning Models bring with them a range of new challenges and security concerns. From the creation of realistic deepfakes to vulnerabilities like prompt injection and the use of Shadow AI systems inside an organization.
2025, Jan 22 —This article provides a comprehensive overview of three foundational security models: Bell-LaPadula, Biba, and Clark-Wilson.
2025, Jan 15 —DFIR stands for **Digital Forensics and Incident Response**. This field covers the collection of forensic artifacts from digital devices such as computers, media devices, and smartphones to investigate an incident.
2025, Jan 15 —Fault injection attack (FIA) is a technique that targets the hardware itself to create unexpected behaviors in systems, often with catastrophic consequences.
2024, Dec 30 —Mutual TLS (mTLS) is an extension of the standard TLS protocol which requires both the client and server to present and validate certificates, enabling mutual authentication.
2024, Dec 16 —The Pyramid of Pain visually organizes six types of indicators used to detect and mitigate cyber threats, illustrating how targeting each type of indicator affects the attacker’s ability to operate.
2024, Nov 28 —This article presents the different types of crypto wallets (hot, warm, cold) and their associated risks
2024, Oct 15 —Basic Security tips to write Secure Solana Programs, based on School of Solana Season 5 by Ackee Blockchain Security
2024, Aug 20 —This article presents the liquidation function from the Dyad Stablecoin made during the code4Arena contest
2024, May 02 —This article summarizes the main hacks that took place during the month of October 2022 in the DeFi ecosystem.
2022, Dec 11 —Hashcat is a security tool allowing to recover passwords form a hash on a large number of hash functions (md5, sha1, sha256)
2022, Nov 13 —XSS-game was launched by Google to train for XSS vulnerabilities with 6 challenges to solve. This document summarizes the solutions for challenges 1 to 5.
2022, Nov 12 —This article details how to encrypt a USB drive on Windows with Bitlocker, an encryption tool offered by Windows.
2022, Oct 06 —Presentation of a list of tools to perform a forensic analysis on a disk image (minfo, fls, mount, photorec, ...).
2022, Sep 16 —Cet article présente le protocole Wifi WEP (Wired Equivalent Privacy) en se focalisant sur les aspects sécuritaires (confidentialité, intégrité, authenticité).
2022, Apr 28 —Cet article présente un test d'intrusion sur le protocole telnet afin de sensibiliser le lecteur aux différentes vulnérabilités possibles pour qu'il s'en prémunisse.
2022, Feb 05 —Questions & Réponses du chapitre 10 du livre The Web Application Hacker's Handbook
2022, Feb 03 —Questions & Réponses du chapitre 18, Attacking the Application Server, du livre The Web Application Hacker's Handbook
2022, Feb 03 —Questions & Réponses du chapitre 11, Attacking Application Logic, du livre The Web Application Hacker's Handbook
2022, Feb 03 —Pourquoi est-il important d'employer des mots de passes forts ? Illustration à travers l'exemple de l'application vulnérable DVWA.
2021, Nov 13 —Présentation d'un test d'intrusion sur une ancienne version de HTTP File Server afin de sensibiliser le lecteur aux différentes vulnérabilités possibles pour qu'il s'en prémunisse.
2021, Nov 01 —cet article présente un test d'intrusion sur une ancien version d'un serveur apache tomcat afin de sensibiliser le lecteur aux différentes vulnérabilités possibles pour qu'il s'en prémunisse.
2021, Oct 19 —Cet article introduit le concept de test d'intrusion (pentesting)
2021, Oct 17 —Cet article présente comment accéder à distance à un shell ainsi que la mise en place d'une connexion sécurisée entre un client et un serveur.
2021, Oct 14 —Cet article présente une liste de vulnérabilités (CWE 121, CWE 122, etc.) et menaces potentielles avec le langage C afin de sensibiliser les programmeurs.
2021, Jun 22 —Cet article résume les principaux points du protocole WPA, notamment la génération des clés, le contrôle d'intégrité avec MIC et la confidentialité avec TKIP
2021, Jun 15 —Afficher les logs de Mimikatz sur Windows grâce à l'event viewer
2021, May 18 —Compilation avec gcc et commandes de base de GDB
2021, May 18 —Cet article présente la commande Meterpreter migrate du logiciel Metasploit. Celle-ci permet à un attaquant d'élever ses privilèges sur la machine après qu'il ait pu obtenir dessus une session meterpreter.
2021, May 16 —Présentation du logiciel Klee ainsi que ses tutoriels. Klee est un outil permettant de réaliser une analyse concolique.
2021, May 11 —