Jonathan Salwan is a vulnerability researcher with 14 years of experience specializing in low-level programming, program analysis, reverse engineering, exploit development and binary deobfuscation. Based in France, he has driven research and tooling at Apple and previously at Quarkslab, where he combined hands-on vulnerability discovery with teaching symbolic execution and binary exploitation. An active open-source maintainer, he created and advanced projects like Triton (a dynamic binary analysis library) and ROPgadget, and contributed Python bindings and usability improvements to QBDI, reflecting deep practical expertise in symbolic execution and dynamic instrumentation. His work uniquely blends academic rigor—pursuing a PhD in program analysis and software verification—with pragmatic tool-building for real-world reverse engineering and protection-breaking challenges.
14 years of coding experience
11 years of employment as a software developer
Epitech
Ph.D, Program Analysis and Software Verification (ED MSTII), Ph.D, Program Analysis and Software Verification (ED MSTII) at Université Grenoble Alpes
Master's Degree (MSc), Cryptography and Computer Security (CSI), Master's Degree (MSc), Cryptography and Computer Security (CSI) at Université de Bordeaux
Student exchange program, Computer security and Operating System, Student exchange program, Computer security and Operating System at University of Kent
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, and RISC-V Compressed architectures.
Role in this project:
Back-end Developer
Contributions:11 releases, 208 commits, 42 PRs in 9 years 6 months
Contributions summary:Jonathan contributed to the ROPgadget project by fixing various bugs and implementing new features related to ROP chain generation and syntax. They addressed issues related to multiple branch instructions and case-sensitive regular expressions within the code. Additionally, they updated and added support for additional architectures.
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
Role in this project:
Back-end Developer
Contributions:10 releases, 68 reviews, 3203 commits in 8 years
Contributions summary:Jonathan appears to be contributing to the dynamic binary analysis library Triton. Their work focuses on modifying and implementing features in the symbolic engine. They added and improved low-level functionalities. Also, based on the content, they were responsible for improving and refining the features of the library.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Jonathan Salwan - Vulnerability Researcher at Apple