obilodeau
@obilodeau.bsky.social
Father of two. Hacker. President @NorthSec. Research at Flare. Cofounder of MontréHack. Love to teach and share. BlackHat, Defcon, SecTor speaker.
Learning about color mapping and LUT (cube files) and trying all sorts of ffmpeg tricks to make bland videos look good at 2 am..
Yup, it's about @nsec.io and trying to leverage cool video shots that we were given for free, but they were raw...
Then you realize a phone does a lot of work for you...
Yup, it's about @nsec.io and trying to leverage cool video shots that we were given for free, but they were raw...
Then you realize a phone does a lot of work for you...
October 16, 2025 at 6:15 AM
Learning about color mapping and LUT (cube files) and trying all sorts of ffmpeg tricks to make bland videos look good at 2 am..
Yup, it's about @nsec.io and trying to leverage cool video shots that we were given for free, but they were raw...
Then you realize a phone does a lot of work for you...
Yup, it's about @nsec.io and trying to leverage cool video shots that we were given for free, but they were raw...
Then you realize a phone does a lot of work for you...
I worked on a thing at work. One small cog in a huge team effort. www.newswire.com/news/flare-l...
Flare Launches Identity Exposure Management to Combat 50 Million Weekly Breached Identities and Stop Account Takeovers in Seconds
New solution enables organizations to detect, validate, and remediate leaked credentials and active sessions - before attackers strike.
www.newswire.com
October 15, 2025 at 1:26 PM
I worked on a thing at work. One small cog in a huge team effort. www.newswire.com/news/flare-l...
Quick analysis of today's chalk / npm supply chain story.
It requires the `window` object so it needs to be deployed and run in a browser. It means front-end projects would only be affected if the site itself was a cryptocurrency website. CLI projects unaffected. 1/3
It requires the `window` object so it needs to be deployed and run in a browser. It means front-end projects would only be affected if the site itself was a cryptocurrency website. CLI projects unaffected. 1/3
September 8, 2025 at 8:07 PM
Quick analysis of today's chalk / npm supply chain story.
It requires the `window` object so it needs to be deployed and run in a browser. It means front-end projects would only be affected if the site itself was a cryptocurrency website. CLI projects unaffected. 1/3
It requires the `window` object so it needs to be deployed and run in a browser. It means front-end projects would only be affected if the site itself was a cryptocurrency website. CLI projects unaffected. 1/3
Reposted by obilodeau
📸 𝗟𝗲𝘀 𝗽𝗵𝗼𝘁𝗼𝘀 𝗼𝗳𝗳𝗶𝗰𝗶𝗲𝗹𝗹𝗲𝘀 𝗱𝗲 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟱 𝘀𝗼𝗻𝘁 𝗱𝗶𝘀𝗽𝗼𝗻𝗶𝗯𝗹𝗲𝘀! • 𝗢𝗳𝗳𝗶𝗰𝗶𝗮𝗹 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟱 𝗣𝗵𝗼𝘁𝗼𝘀 𝗔𝗿𝗲 𝗢𝘂𝘁!
Revivez les meilleurs moments de NorthSec avec notre album photo officiel! ⚓️
photos.app.goo.gl/bMCHe366jdP1...
Revivez les meilleurs moments de NorthSec avec notre album photo officiel! ⚓️
photos.app.goo.gl/bMCHe366jdP1...
September 2, 2025 at 9:03 PM
📸 𝗟𝗲𝘀 𝗽𝗵𝗼𝘁𝗼𝘀 𝗼𝗳𝗳𝗶𝗰𝗶𝗲𝗹𝗹𝗲𝘀 𝗱𝗲 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟱 𝘀𝗼𝗻𝘁 𝗱𝗶𝘀𝗽𝗼𝗻𝗶𝗯𝗹𝗲𝘀! • 𝗢𝗳𝗳𝗶𝗰𝗶𝗮𝗹 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟱 𝗣𝗵𝗼𝘁𝗼𝘀 𝗔𝗿𝗲 𝗢𝘂𝘁!
Revivez les meilleurs moments de NorthSec avec notre album photo officiel! ⚓️
photos.app.goo.gl/bMCHe366jdP1...
Revivez les meilleurs moments de NorthSec avec notre album photo officiel! ⚓️
photos.app.goo.gl/bMCHe366jdP1...
Reposted by obilodeau
My advice for people who are applying to big conference for abstracts are: imagine that your reviewer is under a deadline of less than twelve hours and they are deeply deeply angry.
Write to impress that person, but write the talk you'd be proud to give.
Write to impress that person, but write the talk you'd be proud to give.
September 1, 2025 at 3:41 AM
My advice for people who are applying to big conference for abstracts are: imagine that your reviewer is under a deadline of less than twelve hours and they are deeply deeply angry.
Write to impress that person, but write the talk you'd be proud to give.
Write to impress that person, but write the talk you'd be proud to give.
Here is all the cool stuff I brought back from @bsideslv.org, @blackhatofficial.bsky.social and @defcon.bsky.social. Was thrilled to do the trio! Chrono order: Sponsor at BSides LV, speaking at BlackHat USA and DEFCON. I wasn't even trying to bring stuff back, it just happened! 🙏 cool people I met!
August 14, 2025 at 4:54 AM
Here is all the cool stuff I brought back from @bsideslv.org, @blackhatofficial.bsky.social and @defcon.bsky.social. Was thrilled to do the trio! Chrono order: Sponsor at BSides LV, speaking at BlackHat USA and DEFCON. I wasn't even trying to bring stuff back, it just happened! 🙏 cool people I met!
I caught up on a lot of tasks tonight, but I still haven’t written my post–HackerWeek LinkedIn update or caught up on the NorthSec Slack and emails 🙃
August 13, 2025 at 5:25 AM
I caught up on a lot of tasks tonight, but I still haven’t written my post–HackerWeek LinkedIn update or caught up on the NorthSec Slack and emails 🙃
Met @malwarejake.bsky.social in real life! Glad I got to talk to him about Estelle and I recent work on stealer logs with incident response use cases
August 4, 2025 at 10:53 PM
Met @malwarejake.bsky.social in real life! Glad I got to talk to him about Estelle and I recent work on stealer logs with incident response use cases
Look at this nice hardware badge! Real filament tubes!
August 4, 2025 at 9:40 PM
Look at this nice hardware badge! Real filament tubes!
Free give-aways all week during Hacker Summer Camp!
I'll be at the Flare booth during @bsideslv.org, I'll be roaming around and giving a talk at @blackhatofficial.bsky.social (brag) and I'll also be roaming around + giving a talk at @defcon.bsky.social (brag).
Come and see me. Let's chat! Cheers
I'll be at the Flare booth during @bsideslv.org, I'll be roaming around and giving a talk at @blackhatofficial.bsky.social (brag) and I'll also be roaming around + giving a talk at @defcon.bsky.social (brag).
Come and see me. Let's chat! Cheers
August 4, 2025 at 8:24 AM
Free give-aways all week during Hacker Summer Camp!
I'll be at the Flare booth during @bsideslv.org, I'll be roaming around and giving a talk at @blackhatofficial.bsky.social (brag) and I'll also be roaming around + giving a talk at @defcon.bsky.social (brag).
Come and see me. Let's chat! Cheers
I'll be at the Flare booth during @bsideslv.org, I'll be roaming around and giving a talk at @blackhatofficial.bsky.social (brag) and I'll also be roaming around + giving a talk at @defcon.bsky.social (brag).
Come and see me. Let's chat! Cheers
Reposted by obilodeau
🔐 This could reshape privacy engineering. Google open-sourced their zero-knowledge proof (ZKPs) age verification libraries on Jul 3 called "Longfellow" letting you prove you're 18+ without revealing birthdate, name, or any PII.
blog.google/technology/s... (1/8) 🧵
blog.google/technology/s... (1/8) 🧵
Opening up ‘Zero-Knowledge Proof’ technology to promote privacy in age assurance
Today, we open sourced our Zero-Knowledge Proof (ZKP) libraries, fulfilling a promise and building on our partnership with Sparkasse to support EU age assurance.
blog.google
July 20, 2025 at 12:53 PM
🔐 This could reshape privacy engineering. Google open-sourced their zero-knowledge proof (ZKPs) age verification libraries on Jul 3 called "Longfellow" letting you prove you're 18+ without revealing birthdate, name, or any PII.
blog.google/technology/s... (1/8) 🧵
blog.google/technology/s... (1/8) 🧵
Reposted by obilodeau
Missing the NorthSec community already? We made you a starter pack to help you quickly find us on Bluesky!
Saw someone missing from this starter pack? Let us know!
go.bsky.app/JZeo2ad
Saw someone missing from this starter pack? Let us know!
go.bsky.app/JZeo2ad
July 2, 2025 at 6:00 PM
Missing the NorthSec community already? We made you a starter pack to help you quickly find us on Bluesky!
Saw someone missing from this starter pack? Let us know!
go.bsky.app/JZeo2ad
Saw someone missing from this starter pack? Let us know!
go.bsky.app/JZeo2ad
A dream come true: I wrote POC-level code that I thought would be a good addition to our platform, and someone rewrote it and integrated it. We are now protecting more customers automatically with it!
Now onto the next POC!
Now onto the next POC!
July 2, 2025 at 6:15 PM
A dream come true: I wrote POC-level code that I thought would be a good addition to our platform, and someone rewrote it and integrated it. We are now protecting more customers automatically with it!
Now onto the next POC!
Now onto the next POC!
Another law enforcement takedown announced today. Operation Deep Sentinel targeted the Archetyp darknet forum (drug). These takedown videos keep getting better! Go watch: operation-deepsentinel.com
Operation Deep Sentinel
operation-deepsentinel.com
June 16, 2025 at 7:58 PM
Another law enforcement takedown announced today. Operation Deep Sentinel targeted the Archetyp darknet forum (drug). These takedown videos keep getting better! Go watch: operation-deepsentinel.com
I have two student tickets to give away for BlackHat USA as part of their student scholarship program: www.blackhat.com/us-25/speake.... Let me know if you are interested.
Black Hat
Black Hat
www.blackhat.com
June 16, 2025 at 4:25 PM
I have two student tickets to give away for BlackHat USA as part of their student scholarship program: www.blackhat.com/us-25/speake.... Let me know if you are interested.
Reposted by obilodeau
Wanted to show a snippet of how I made the mechanical component of the #Northsec 2025 slot machine for the CTF www.youtube.com/watch?v=WCLc...
Northsec 2025 Slot Machine Mech Assembly [Preview]
Quick 60 seconds summary of the assembly process of for the lever of the slot machine
www.youtube.com
May 25, 2025 at 3:44 PM
Wanted to show a snippet of how I made the mechanical component of the #Northsec 2025 slot machine for the CTF www.youtube.com/watch?v=WCLc...
Estelle Ruellan and I were accepted at BlackHat USA!!
"Hackers Dropping Mid-Heist Selfies: LLM ldentifies Information Stealer Infection Vector and Extracts loCs"
Couldn't be happier sharing what we did on a worldwide stage!
p.s.: picture of us celebrating from Botconf after our talk today
#BHUSA
"Hackers Dropping Mid-Heist Selfies: LLM ldentifies Information Stealer Infection Vector and Extracts loCs"
Couldn't be happier sharing what we did on a worldwide stage!
p.s.: picture of us celebrating from Botconf after our talk today
#BHUSA
May 21, 2025 at 11:56 PM
Estelle Ruellan and I were accepted at BlackHat USA!!
"Hackers Dropping Mid-Heist Selfies: LLM ldentifies Information Stealer Infection Vector and Extracts loCs"
Couldn't be happier sharing what we did on a worldwide stage!
p.s.: picture of us celebrating from Botconf after our talk today
#BHUSA
"Hackers Dropping Mid-Heist Selfies: LLM ldentifies Information Stealer Infection Vector and Extracts loCs"
Couldn't be happier sharing what we did on a worldwide stage!
p.s.: picture of us celebrating from Botconf after our talk today
#BHUSA
NorthSec is delivered. It was an incredible edition! Great keynotes, our best party so far and our world-class in-person CTF scenario and huge set of diverse and accessible challenges were a great success!
I didn't take much photos, I'll report back later. ✈️🇫🇷 to botconf now! 😅
I didn't take much photos, I'll report back later. ✈️🇫🇷 to botconf now! 😅
May 19, 2025 at 9:33 PM
NorthSec is delivered. It was an incredible edition! Great keynotes, our best party so far and our world-class in-person CTF scenario and huge set of diverse and accessible challenges were a great success!
I didn't take much photos, I'll report back later. ✈️🇫🇷 to botconf now! 😅
I didn't take much photos, I'll report back later. ✈️🇫🇷 to botconf now! 😅
Reposted by obilodeau
Quite a few SAO to solder and collect this year at Northsec 😍 See you Thursday
May 12, 2025 at 8:28 PM
Quite a few SAO to solder and collect this year at Northsec 😍 See you Thursday
80+ volunteers have worked on this all year. It's time for another NorthSec and it's going to be epic!
May 14, 2025 at 5:02 AM
80+ volunteers have worked on this all year. It's time for another NorthSec and it's going to be epic!
Reposted by obilodeau
Forget about the waitlist! 😎 You can once again buy tickets for the CTF. 🤩💫
Hurry up, the limit to buy tickets is may 12th! This edition will be our biggest to date, be it in physical tracks, number of challenges and integration with the scenario. ⛴️⚓
tickets.nsec.io/2025/
#ctf #nsec2025 #infosec
Hurry up, the limit to buy tickets is may 12th! This edition will be our biggest to date, be it in physical tracks, number of challenges and integration with the scenario. ⛴️⚓
tickets.nsec.io/2025/
#ctf #nsec2025 #infosec
NorthSec 2025
May 10th – 18th, 2025
tickets.nsec.io
May 7, 2025 at 11:06 PM
Forget about the waitlist! 😎 You can once again buy tickets for the CTF. 🤩💫
Hurry up, the limit to buy tickets is may 12th! This edition will be our biggest to date, be it in physical tracks, number of challenges and integration with the scenario. ⛴️⚓
tickets.nsec.io/2025/
#ctf #nsec2025 #infosec
Hurry up, the limit to buy tickets is may 12th! This edition will be our biggest to date, be it in physical tracks, number of challenges and integration with the scenario. ⛴️⚓
tickets.nsec.io/2025/
#ctf #nsec2025 #infosec
Achievement unlocked: presenting on a cinema screen
The movie starts in 15 minutes in theatre 14!
Thanks @bsidessf.org for having me!
The movie starts in 15 minutes in theatre 14!
Thanks @bsidessf.org for having me!
April 26, 2025 at 6:03 PM
Achievement unlocked: presenting on a cinema screen
The movie starts in 15 minutes in theatre 14!
Thanks @bsidessf.org for having me!
The movie starts in 15 minutes in theatre 14!
Thanks @bsidessf.org for having me!
On my 4th day in Europe I finally woke up at a normal hour. And unfortunately it is my last full day here 🙃 I'll be in San Francisco Friday. I wonder how I'll hold this weird schedule...
April 23, 2025 at 6:19 AM
On my 4th day in Europe I finally woke up at a normal hour. And unfortunately it is my last full day here 🙃 I'll be in San Francisco Friday. I wonder how I'll hold this weird schedule...
Due to work travel, I had to vote in advance this year. The ballot is in 🗳️☑️ The experience was quite smooth. A 5 minute wait maybe.
Now I hope my candidate and his leader don't do anything extremely stupid until the actual vote date 😆
Now I hope my candidate and his leader don't do anything extremely stupid until the actual vote date 😆
April 19, 2025 at 9:10 PM
Due to work travel, I had to vote in advance this year. The ballot is in 🗳️☑️ The experience was quite smooth. A 5 minute wait maybe.
Now I hope my candidate and his leader don't do anything extremely stupid until the actual vote date 😆
Now I hope my candidate and his leader don't do anything extremely stupid until the actual vote date 😆
Reposted by obilodeau
⚠️ Freezing CTF registrations soon ⚠️
There are about 40 garanteed tickets left for the CTF. When this limit is reached, we'll open a waitlist. If you have not bought your CTF ticket yet, hurry up! And don't hesitate to register on the waitlist when it opens.
tickets.nsec.io/2025/
There are about 40 garanteed tickets left for the CTF. When this limit is reached, we'll open a waitlist. If you have not bought your CTF ticket yet, hurry up! And don't hesitate to register on the waitlist when it opens.
tickets.nsec.io/2025/
NorthSec 2025
May 10th – 18th, 2025
tickets.nsec.io
April 19, 2025 at 1:52 PM
⚠️ Freezing CTF registrations soon ⚠️
There are about 40 garanteed tickets left for the CTF. When this limit is reached, we'll open a waitlist. If you have not bought your CTF ticket yet, hurry up! And don't hesitate to register on the waitlist when it opens.
tickets.nsec.io/2025/
There are about 40 garanteed tickets left for the CTF. When this limit is reached, we'll open a waitlist. If you have not bought your CTF ticket yet, hurry up! And don't hesitate to register on the waitlist when it opens.
tickets.nsec.io/2025/