episeclab: hacking my way from worst to first

i joined epitech after ranking dead last at my previous school. found programming. got obsessed.

second year, first week: joined a CTF project. solved every level. then hacked the platform hosting it. then hacked the school’s systems. security clicked in a way nothing else had.

building the lab

connected with other students who caught the bug. pitched a security lab to the school. they said yes. episeclab was born.

five years of:

  • rewriting the security curriculum
  • creating CTF challenges
  • running R&D projects
  • hiring and mentoring TAs

by year two i was teaching. by the end, the school was paying me instead of the other way around.

what security teaches you

security isn’t following a checklist. it’s:

  • analysis: dig into systems, trace weird behaviors, follow breadcrumbs until you’re writing exploits
  • empathy: think like the developer who made the mistake
  • creativity: find the path nobody considered
  • architecture: see the big picture, imagine how things can go wrong

you learn to see systems from the attacker’s perspective. every design decision has security implications. every assumption is a potential exploit.

what i explored

  • cryptography: not just using it, but breaking it. timing attacks, padding oracles, implementation flaws
  • side-channel attacks: power analysis, cache timing, electromagnetic emissions
  • security design patterns: how to build systems that fail safely
  • low-level internals: memory corruption, stack smashing, ROP chains
  • reverse engineering: understanding binaries without source code

each challenge opened a new domain. each domain connected to others.

the best education is the one you build yourself.

security growth collaboration

created: Dec 28, 2024

edited: Dec 28, 2024 (7 edits)