profile picture

Simon Petitjean

Cybersecurity Leader

© Simon Petitjean 2025

About me

Cybersecurity Engineer, working for a private company in Luxembourg.
Specialized in offensive security (Ethical Hacking) and Incident Response/Digital Forensics.
Sworn Judicial Expert in the field of Cybersecurity, Cybercrime and Digital investigations. Appointed by the Minister of Justice (Luxembourg).

Certifications

  • GIAC Penetration Tester (GPEN) - #9559
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) - #880
  • GIAC Mobile Device Security Analyst (GMOB) - #982
  • GIAC Certified Forensic Analyst (GCFA) - #17999
  • SECO-Institute: SOC Analyst (S-SA)
  • SECO-Institute: Dark Web Foundation (S-DWF)
  • Hurricane Electric IPv6 Certified Sage
  • MISP Certified Professional
  • AWS Certified Cloud Practitioner
  • Microsoft Certified: Azure Fundamentals (AZ-900)
  • Microsoft Certified: Security, Compliance and Identity Fundamentals (SC-900)
  • Cybersecurity and Infrastructure Security Agency - Cryptocurrency for Law Enforcement
  • SkillFront ISO/IEC 27001 Information Security Associate™
  • SkillFront ISO 9001 Quality Management Systems Associate™
  • Udemy ChatGPT Prompt Engineering Mastery
  • ITIL® Foundation Certificate in IT Service Management (ITILF)
  • PRINCE2® Foundation Certificate in Project Management

(some notable) Trainings

  • SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
  • SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
  • SANS SEC575: Mobile Device Security and Ethical Hacking
  • SANS SEC560: Network Penetration Testing and Ethical Hacking
  • SpecterOps AT:RTO - Adversary Tactics: Red Team Operations

Capture The Flag

  • #1 Solo Player - PwC EMEA / SANS Institute CTF: Capture The Flag Victor (ex æquo), January 2021
  • #1 Team - SpecterOps: Adversary Tactics: Red Team Operations Capture the Flag Victor, August 2019
  • #3 Solo Player - SANS: NetWars Capture The Flag Victor, November 2017
  • #1 Team - SEC575: Capture The Flag Victor, November 2017
  • #1 Team - SEC560: Capture The Flag Victor, February 2015

Research & Development

  • MISC Magazine n°140 - Threat-Led Penetration Testing : retour d’expérience sur les simulations d’attaques avancées et exigées par la réglementation DORA
  • BSides Luxembourg 2025 (Talk) - Hacking EV Chargers: Fast Track to Market, Fast Track to Vulnerabilities
  • Hack.lu 2024 (Talk) - Hacking EV Charging Points, for fun… and fixing the firmware
  • CVE-2024-8070 - Cleartext Storage of Sensitive Information
  • CVE-2024-5313 - Exposure of a non-disabled SSH interface to the wrong sphere
  • Hack.lu 2015 (Talk) - Security of Virtual Desktop Infrastructures: from great concepts to bad surprises
  • Hack.lu 2013 (Talk) - Exploiting a vulnerability to quicken SAP discovery phase

Education

  • TÉLÉCOM Nancy (School of Engineering in Information Technology)
    French Diplôme d’Ingénieur
  • Polytech Nancy (French generalist École d’Ingénieurs)
    Initial engineer education

Misc.

  • UAS Registered Operator
  • Tractors & agricultural machinery
  • Music player/enthusiast (Guitar/Bass)
  • Certified Electrician (B1V and BR clearances)
  • Member of The Voices of Nuclear ☢