Hey, I’m Thomas 👋
I’m currently working as a Vulnerability Researcher for Sonar, helping millions of developers to write safer code.
I’ve been in the offensive security field for a few years now, first with Synacktiv and now doing full-time research to improve Sonar products. It led me to uncover bugs across all kinds of software—I have a particular affection for some of these recent findings:
- Backends of package managers, for instance with CVE-2021-29472 and CVE-2022-24828 in Composer affecting packagist.org and with the potential to poison 2B+ dependency downloads per month.
- Developer tools, for instance with arbitrary code execution bugs on Visual Studio Code with CVE-2021-43891, CVE-2022-30129, CVE-2023-36742, SourceHut (1, 2, 3), etc.
- During Pwn2Own in 2020 and 2022-2023, with findings in the Synology RT6600ax (WAN), TP-Link AC1750 (LAN), Western Digital PR4100.
- Simple-yet-effective authentication bypasses on Zabbix (CVE-2022-23131, CVE-2022-23134) and CasaOS (CVE-2023-37265, CVE-2023-37266), userland LPEs on Ubuntu (CVE-2020-15704) and Fortinet SSL VPN Client, etc.
I’m also fond of lower-level security sometimes, with hands-on experience orchestrating fuzzing campaigns and corrupting memory that shouldn’t.
You can find me tootin’ on Mastodon at @firstname.lastname@example.org, and idling on Libera Chat with ~swapgs.
See you around!