Baptiste Crépin

Security Expert at CravateRouge Ltd

China
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Baptiste Crépin is a security expert with a decade of hands-on experience in offensive security, Active Directory, and Azure cloud technologies, currently leading security work at CravateRouge Ltd. He has a strong red team and pentesting background from AXA and freelance engagements, paired with formal training experience in secure development. Baptiste is an active open-source contributor and the author/contributor to bloodyAD, an Active Directory privilege escalation framework he presented at Black Hat Las Vegas 2022, and has contributed CORS scanning improvements to the widely used ZAP extensions. His profile blends offensive tooling development, cloud/AD exploitation techniques (including Shadow Credentials and RBCD), and practical defensive insights gained from large-scale engagements. Based in China and academically grounded with a master's from Université Paris-Saclay, he also teaches and builds community tools that bridge research and real-world security practice.
code10 years of coding experience
job1 year of employment as a software developer
bookMaster's degree Computer and Information Systems Security/Information Assurance, Master's degree Computer and Information Systems Security/Information Assurance at Université Paris-Saclay
languagesEnglish, French
github-logo-circle

Github Skills (16)

it-security10
javas10
ldap10
cors10
active-directory10
security-scan10
python10
cryptography10
impacket10
java10
security-scanner10
security10
testing9
unit-testing9
reverse-engineering8

Programming languages (10)

C#PowerShellJavaC++CTeXJavaScriptGo

Github contributions (5)

github-logo-circle
CravateRouge/bloodyAD

Oct 2021 - Jan 2023

BloodyAD is an Active Directory Privilege Escalation Framework
Role in this project:
userBack-end Developer & Security Engineer
Contributions:10 releases, 2 reviews, 107 commits in 1 year 3 months
Contributions summary:Baptiste primarily contributed to the core functionality of the Active Directory Privilege Escalation Framework. Their work involved implementing new techniques such as Shadow Credentials and adding functionalities like password changing and resource-based constraint delegation (RBCD). The user also focused on code reorganization, adding documentation, and improving the framework's overall capabilities.
securityprivilegedirectoryescalationprivilege-escalation
zaproxy/zap-extensions

Jan 2021 - Apr 2021

ZAP Add-ons
Role in this project:
userSecurity Engineer
Contributions:6 reviews, 16 commits, 1 PR in 2 months
Contributions summary:Baptiste contributed to the `zap-extensions` repository by implementing and improving security scan rules related to Cross-Origin Resource Sharing (CORS). They added a new CORS active scan rule to identify misconfigurations and vulnerabilities. Furthermore, they incorporated code improvements based on peer review and added a unit test for the CORS scan rule, demonstrating a focus on both functionality and code quality. The user also updated and corrected documentation related to the CORS rule.
owasp-zapsecurity-toolsadd-onssecuritydast
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Baptiste Crépin - Security Expert at CravateRouge Ltd