Security Researcher & Systems Engineer
Paris, Île-de-France
Security Researcher specializing in Apple systems, reverse engineering, and vulnerability analysis, focusing on macOS and iOS internals. Passionate about understanding how Apple’s security mechanisms work through hands-on experiments.
Languages & Tools: C · C++ · Objective-C · Swift · Rust · Node.js · TypeScript · LLDB · CMake · Instruments
Expertise: Reverse Engineering · macOS/iOS Internals · Security Research · Static Analysis · Open Source · Performance Optimization
My blog explores macOS and iOS internals through reverse engineering and security research, revealing how Apple’s core mechanisms operate through practical experiments. I write about:
- macOS and iOS internals
- Reverse engineering and static analysis
- Vulnerability research and tooling
Machore is a C library and CLI tool for analyzing macOS/iOS Mach-O binaries. It started as a small experiment while I was trying to understand how Mach-O works. It handles:
- Single-architecture and fat (universal) Mach-O binaries
- CPU architecture (x86, x86_64, ARM, ARM64)
- Binary types (dylib, executable, core dump, etc.)
- Dynamic libraries and strings with contextual metadata
Focused on improving static analysis and malware detection in JavaScript packages. Contributed:
- Suspicious command probe for detecting risky usage of
spawnandexec - Advancements to js-x-ray for JavaScript malware pattern analysis
Supporting iOS and Android development of Keet app by providing native abstractions and bindings.
- Exposed push notification capabilities to JavaScript
- Maintained bare-ffmpeg
- Built a diagnostic app for Android/iOS to ensure bare-runtime compatibility
Member of the Desktop Foundation team.
- Led macOS platform research and guided cross-platform design
- Wrapped native APIs (Objective-C, Linux, Win32) into a unified C++ layer
- Bridged C++ APIs to JavaScript using JavaScriptCore
- Ensured Node.js API compatibility (timers, process, console)
- Built Node.js bindings in C++ to enable HTTP/2 and HTTP/3
- Contributed to hybrid cross-platform framework development
- Member of Node.js Single Executable Working Group
- Reduced CI pipeline time by 55% (45 → 20 min)
- Improved Hot Module Replacement speed by 57% (35 → 15 sec)
- Enhanced ESLint performance via profiling and optimization
- Refactored legacy codebase to Fastify + TypeScript
- Added CI pipelines and test coverage
- Integrated QuickBooks API
- Maintained Jetlang DSL runtime and IDE
- Built static analysis service for dependency graphs
- Led quality guild strategy across teams
- Migrated React codebase to modern hooks
- Standardized API and WebSocket layer with Redux
- Refactored UI using presentational/container architecture
C++ library for unified API across JavaScript engines (JavaScriptCore, V8).
C++ framework for building cross-platform desktop apps with modular UI components.
- Member of Diagnostic & Single Executable WG
- Contributed to FS performance improvements
- French: Native
- English: Professional
- Arabic: Basic
Paris XII University — Master E-Business (AEI) — 2014 – 2016
Paris XII University — Licence Administration & International Exchange — 2011 – 2014
Lycée Le Corbusier — Baccalauréat Scientifique (Engineering Science) — 2005 – 2008