Manh Nguyen

Security Engineer

France7 yrs 5 mos experience
Highly Stable

Key Highlights

  • Expert in advanced fuzzing techniques.
  • Developed tools for vulnerability detection.
  • Contributed to significant European research projects.
Stackforce AI infers this person is a Cybersecurity expert specializing in fuzzing and vulnerability detection.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingSoftware SecurityFuzzingBinary Analysis

Other Skills

Algorithm developmentAnomaly detectionAutomationBug reproductionCI/CDFull-stack developmentIncident responseProgram AnalysisSOARThreat ModellingTraffic analysisVulnerability detection

About

I am a research engineer at Montimage to contribute to various European research projects. Previously, I completed my PhD on fuzzing in the BINSEC group at CEA LIST. I'm a red teaming & offensive security enthusiast and a self-taught pentester/bug bounty hunter. I'm always open for discussion or collaboration.

Experience

Montimage

Senior Security Engineer

Feb 2021Present · 5 yrs 1 mo · Paris, France

  • Contributed to several European research projects from kick off to launch, including meetings, production of deliverables, presentation of results and patent drafting
  • Designed, built and deployed a full-stack platform with explainability and resilience for user activities classification and anomaly detection in encrypted traffic
  • Developed a SOAR solution leveraging the Shuffle SOAR platform to automatically orchestrate, refine, and execute playbooks in response to security incidents detected by SIEM systems, such as Wazuh
  • Performed code review, pentest web/mobile apps and wrote scripts to perform different network attacks
FuzzingPenetration TestingSoftware SecurityProgram AnalysisBinary Analysis

Cea list

Researcher Engineer

Nov 2017Jan 2021 · 3 yrs 2 mos · France

  • PhD Thesis: Advanced fuzzing techniques for large scale vulnerability detection
  • Integrated IDA Pro’s control-flow graphs into the BINSEC binary analysis platform
  • Implemented UAFuzz, a binary-level fuzzer for Use-After-Free (UAF) detection, achieving 2x faster UAF detection (up to 43x) and discovered 11 new UAF bugs (7 CVEs). It was featured at BlackHat USA 2021, the French MISC cybersecurity magazine and in ACM Queue 2023 as highly inspiring for fuzzing research
  • Developed AFLTeam, a tool utilizing graph structures and fuzzing data, employing partitioning and prioritized search algorithms to enhance code coverage (up to 16.4% improvement)
FuzzingBinary AnalysisSoftware Security

National university of singapore

2 roles

Research Assistant, TSUNAMi Center

Aug 2015Oct 2017 · 2 yrs 2 mos

  • Developed and maintained AFLGo, a directed greybox fuzzer for patch testing (CI/CD) and bug reproduction, resulting in the discovery of 39 bugs (17 CVEs) and integration of AFLGo into Google’s OSS-Fuzz
  • Implemented a novel, scalable automated program repair method using reference implementation analysis, significantly reducing overfitting and improving patch accuracy
  • Conducted threat modelling, attack tree design, and penetration testing for Airbus’s unmanned Skyways security during design phase
FuzzingPenetration TestingThreat Modelling

Research Intern, Programming Languages & Software Engineering Research Lab

Oct 2014Jul 2015 · 9 mos

Toshiba software development vietnam

Security Engineer

Oct 2013Sep 2014 · 11 mos · Hanoi, Viet Nam

Orange

Graduate Research Intern

Apr 2013Sep 2013 · 5 mos · Région de Caen, France

  • Secure Interoperability of a Security Element with a Trusted Execution Environment (TEE)

Education

Université Grenoble Alpes

Doctor of Philosophy - PhD

Jan 2017Jan 2020

Paris-Sud University (Paris XI)

Master 2 Professional — Networking and Telecommunications

Jan 2012Jan 2013

Hanoi University of Science and Technology

Bachelor's degree — Information Systems & Communication

Jan 2007Jan 2012

Stackforce found 100+ more professionals with Penetration Testing & Software Security

Explore similar profiles based on matching skills and experience

Ki Chan Ahn

Ki Chan Ahn

Android Technical Lead

at Dataflow Security

Seoul, South Korea14 yrs 4 mos exp
Android ExploitationBrowser Application SecurityMobile Application SecurityVulnerability ResearchWeb Application Security
Pyara Singh

Pyara Singh

Cyber Risk and Strategy Solution Advisor

at Deloitte

Bengaluru, India7 yrs exp
AWS SecurityCloud SecurityDevSecOps
Akhil Arora

Akhil Arora

Assistant Professor

at Department of Computer Science, Aarhus University

Aarhus, Denmark13 yrs 6 mos exp
Causal InferenceData and Network ScienceDeep LearningGraph MLMobile Security
Robert Beltri Pinel

Robert Beltri Pinel

Automotive Penetration Tester

at BreachLabz

Germany0 mo exp
AutomotiveCybersecurity
Chaitanya RK

Chaitanya RK

Co-founder & CEO

at Askw.ai

Amsterdam, Netherlands11 yrs exp
API SecurityFuzzing TechniquesMobile SecurityProduct SecuritySecurity Engineering
Abdulrasheed O.

Abdulrasheed O.

Deputy Manager - CyberLAB

at CyberSOC Africa

Lagos, Nigeria3 yrs 11 mos exp
Cyber Threat Intelligence (CTI)Application SecurityCybersecurityMicroservicesNode.js
Tim Blazytko

Tim Blazytko

Independent Reverse Engineering Consultant & Trainer

at Self-employed

Ruhr Region9 yrs 11 mos exp
Reverse EngineeringMalware AnalysisSecurity Architecture DesignLeadership
Rocco Calvi

Rocco Calvi

Founder and Vulnerability Researcher

at TecSecurity

United States17 yrs exp
CybersecurityProject ManagementResearch ManagementSecurity ManagementSoftware Security