Frederic Cambus

Home · Archives · Security · Text Mode · Git · GitHub · Twitter · RSS

I specialize in code audits aimed at exposing memory corruption issues in C and C++ codebases, white box code reads coupled with automation using modern fuzzers (AFL, Honggfuzz) and sanitizers.

I cooperated directly with MITRE in the process of evaluating and assigning the following CVEs. Additionally I personally triaged them, evaluated their security impact and reported the issues to upstream developers, providing guidance with understanding the issue and often testing upstream provided fixes.