Jean-Marie Bourbon

Bourbon Jean-Marie is an independent cybersecurity expert specializing in offensive and defensive security. Through his company Bourbon OffSec Services, he helps businesses, SMEs and government agencies, strengthen their security posture against modern threats. • Offensive Security • Defensive Security • Consulting & Training With internationally recognized technical expertise, he takes a pragmatic and strategic approach, combining hands-on experience with real-world adaptability. His hybrid business model (both physical and online), along with a cloud-based testing lab in Luxembourg, enables him to operate on an international scale.

Offensive Security team leader activities at POST Luxembourg. Main activities of the OffSec service are: Penetration Testing in various context, Adversary Simulations, Red-Team engagements (TIBER-LU/EU), Purple-Team exercise, R&D and Vulnerability Research in closed product. Team lead key roles: perimeter scoping out and associated sizing (presales), kick-off meetings, document writing, closure meetings, follow-up (project mgmt) execution plan and custom scenarios definition alligned with customers core activities. Team management and sales activities within an international context inluding plannings and resources management, budgets, marketing/communication plan, strategy definition, service offers definition, business development, recruitment...

- As a Team leader, my role is: * Project management: perimeter scoping out, kickoff, proposal writing, closure meeting * Team management in international context (English speaking) * Sales offers creation and presales * Recruitment - As an experimented penetration tester and red team operator: * Plan, drive, execute Red/Purple Team operations * Implement and execute adversary tactics, techniques and procedures (TTPs) * Perform pentests in mixed and complex environments (internal/external scopes, thick client, Citrix, web app...) in worldwide sized companies, around different countries, implementing defensive tools requiring bypass techs. knowledge * Add value in post-exploitation phases * Conduct manual vulnerability assessment and exploitation in critical applications with some publication such like CVE-2019-14252, CVE-2019-14253, CVE-2019-14254 (same exploit chain), CVE-2019-14251 etc ... (full CVE id list available in the "publications" part) * Physical penetration testing (dumpster diving, lock-picking, illegitimate offices access through physical security weaknesses, custom USB sticks/LAN turtle usage to gain internal subnet access,...) * Offensive Security speaker and trainer

* Penetration tests (internal network, thick client, remote access, web...) in worldwide sized companies with high security level most often without classical workstations (VDI), using defensive tools (that require bypass mechanisms knowledge) and frequently evaluated infrastructure * High skills in post-exploitation steps including latest lateral movements techniques, pivoting, persistence tricks, domain takeover, data exfiltration,... * Vulnerability assessment and exploitation with some publication such like CVE-2019-6970, CVE-2018-6758, CVE 2018-20237, ... (full CVE id list available in the "publications" part) * Physical penetration testing (dumpster diving, lock-picking, illegitimate offices access through physical security weaknesses, custom USB sticks/LAN turtle usage to gain internal subnet access,...) * Red Team engagements elaboration and execution (physical security, S.E, phishing,...) the most creative that mix all offensive security techniques with one goal: identify the weaknesses no matter the technique used to a better protection for customers * Offensive security trainer * Project management: perimeter scoping out, kickoff, (in some case proposal writing), closure meeting

Penetration testings in complex and varied environments (Citrix, SCADA, iSeries, AIX, Brocade ...) Red team / Purple team pentests Vulnerabilities research, assessment & exploitations Post-exploitation Physical pentests Research of bypassing technics Exploits writing Forensics Offensive team leader / Pre-sales

Internal/external penetration testings Application penetration testing Configuration and code audits Network protocols security audits Forensics

Penetrations testings Advanced malware analysis Research and development Vulnerability research, assessment and exploitation Incident response Forensic analysis Exploit development Sandbox escapes Security and vulnerabilities exploitations trainings

S.O.C teams formation trainings Penetration testings

Perl developer on monitoring project (nagios - nagvis) Perl developer on security project (vulnerabilities research)

System administration (Windows 2008R2 and CentOS RHEL6 systems) : Kerberos/LDAP overs SSH authentication Powershell development in migration project (Windows 2008 R2) VBS development (security fix)

CTF participations (2010, 2011, 2014) "Crawling into ISP" conference (2011)

Technology watch Perl development in a park administration project Servers monitoring

VNC over VPN (OpenVpn) authentication installation Firewall, NAS, Active Directory (Windows 2003) installation and configuration Security audit

-Pentests ( network, applications and systems) -development (POWERSHELL) : VHD migration tool -Secure wireless acces point with IpFire proxy (Linux) and full network configuration